Social engineering apparently helped hacker-posing-as-Apple-user to gain access to user's iCloud data and wipe out massive data.
Apple sidestepped security procedures and inadvertently allowed hackers to access an Apple user's iCloud account that resulted in massive data loss, the Forbes reported Sunday.
Apparently, hackers gained access to the iCloud account of Mat Honan, an Apple iCloud user and remotely wiped out his iPhone, iPad and MacBook data.
The Forbes report also mentions how the incident was initially mistaken for forced entry into the iCloud account, but actually, was a case where Apple accidentally enabled hackers access to user's account.
- FOLLOW IBTIMES
The hacker posed as the user and tricked Apple tech support into enabling access to the iCloud account, the report indicated. This was facilitated through "Social engineering," whereby the person or entity on the other end can be tricked to do what one wants by making them believe in false identity as the real one.
It is alleged that there is no protection against such targeted attack as even the best passwords and security questions can be bypassed in such attacks.
The report goes on to urge Apple to err on the side of caution, forcing hackers-posing-as-users to answer a number of queries before enabling access to account as it is common for users to forget their passwords and security questions.
However, the attack clearly highlights how the weakness in the system had been tapped and how the organization needs to spruce up its security measures.
This article is copyrighted by International Business Times, the business news leader