Amazon.com has instituted a new policy that no longer allows its customers to phone in to change account settings, such as credit cards and e-mail addresses. This follows the hacking last week of Wired reporter Matt Honan's Amazon account, which in turn gave the hackers access to numerous other private online accounts belonging to Honan.
Honan took partial responsibility for his online vulnerabilities: "My accounts were daisy-chained together, he wrote in a post. "Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter."
But Honan also pointed out the flaws in the involved companies' security procedures: "Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information—a partial credit card number—that Apple used to release information," he wrote.
Apple told eWeek it had temporarily suspended the ability to reset AppleID passwords over the phone.
Formerly, Amazon customers could change an account's e-mail address or add a credit card number to an account simply by phoning in and giving their names, e-mail addresses, and mailing addresses.
While you can't always protect yourself against an online company's security gaps, make sure you follow best practices yourself. See our free Online Security Guide for tips on creating strong passwords, protecting your privacy on Facebook, and lots more.
How Apple and Amazon Security Flaws Led to My Epic Hacking
Amazon Quietly Closes Security Hole After Journalist's Devastating Hack
Apple, Amazon Change Security Policies After Hack of Journalist`s Accounts