Apple launched a quick fix which enable hackers and attackers to reset any Apple ID with just the email address and DOB. The company took down the Forgot Password page immediately when they got to know about the exploit and it was unaccessible until they launched the fix.
Many Step-by-Step online tutorials were posted on the internet (of course! we will not link to it, if you are smart enough you can search for it on the internet), to hack anyone's Apple ID account.
Despite Apple rolling out two-step verification for logins a couple of days ago, many users had not switched over from the old system, which has been shown to be vulnerable to hacking. Any such user's password could have been easily reset using nothing but an email address and the date of birth.
Apple's quickly managed to roll out the fix and the exploits are not bricked and forced to stay at the other side of the wall.
Apple's quick fix comes after it was discovered that it was possible to access the page even it was taken down via other means. The only way for a user to protect themselves was to activate Apple's two-step authentication. However, some users had been told they would have to wait three days before the new system would get activated. All such accounts could have been potentially been a target.
However, Apple's users are advised to change their account password as soon as possible to avoid any unwanted account access which may have been achieved by the hackers and script kiddies.
Read More here
No comments:
Post a Comment