---- Account Hack, User Speaks Out: Lessons To Learn
incrediBILL - 3:55 pm on Aug 7, 2012 (gmt 0)
It turns out, a billing address and the last four digits of a credit card number are the only two pieces of information anyone needs to get into your iCloud account.
Identity theft 101 - Getting a billing address and the last 4 digits of a credit card are child's play.
Apple issued a temporary password. It did this despite the caller’s inability to answer security questions I had set up.
The problem isn't iCloud, it's iSupport which is apparently powererd by iDiots. All of the security flaws involved are HUMANS running TECH SUPPORT that have shoddy verification practices or based on what I just read, none whatsoever.
This is exactly what happens when you let too much of your digital life become entangled in a 3rd party.
At 5:00 they used iCloud’s “Find My” tool to remotely wipe my iPhone. At 5:01 they remotely wiped my iPad. At 5:05 they remotely wiped my MacBook.
This is why I don't have my devices set to be remotely wiped, it's too dangerous.
Besides, how stupid do you have to be to lose your iPhone, iPad or Macbook that you actually worry about wiping it in the event you lose them?
If they're stolen, that's another issue, but that also assumes you were stupid enough to leave them unattended in most of the cases of those devices being stolen.