This morning, Marko Karppinen, head of a Finnish software development firm found himself on the wrong end of a security breach. After attempting to log into his Apple Developer account he was startled to see that not only had his password changed but also his email address associated with it.
Sounds like the work of a highly skilled and crafty hacker, right? Well not exactly. Actually not at all. So how was this unscrupulous scheme concocted? With a simple email addressed to Apple stating, “am forget my password of mac,did you give me password on new email marko.[redacted]@yahoo.com.” Sounds like his scheme was about as well thought out as his grammar.
But alas, Apple responded by saying sure, here you go and simply handed it over. Luckily the culprit was not clever enough to change Karppinen’s security question and as a result he was able to get back into his account.
Following a rightfully disgusted email to Apple support, he was contacted by the Apple Developer Connection’s European support team who issued an apology for the mistake and assured him that this doesn’t normally happen.
This rather appalling mix-up is in no way connected to the recent online phishing scam that had reared its ugly face earlier this week. So, props to Apple, keep up those rigorous security thresholds.
