Apple freezes AppleID password resets requested over the phone

Move comes after the hack of a Wired reporter's AppleID and Amazon accounts, leading to the loss of Gmail and Twitter accounts and multiple device wipes.

Apple has reportedly stopped taking AppleID password resets requests over the phone, following the account hack of a technology reporter over the weekend.

An unnamed Apple employee told Wired that the ban would remain in effect for at least 24 hours and speculated that the freeze was instituted to give Apple more time to determine what security policy changes, if any, were necessary.

That information was apparently corroborated by an Apple customer representative who said Apple had halted all AppleID resets requested over the phone. The explanation came as Wired was attempting to replicate a hacker's exploitation of the Apple system that led to the led to identity theft of Wired's Mat Honan.

The replication attempt failed because of systemwide "maintenance updates" that prevented password resets over the phone, the representative told Wired, suggesting they call back in 24 hours or try changing the password themselves on the Web at iforgot.apple.com.

"Right now, our system does not allow us to reset passwords," an AppleCare employee told Wired. "I don't know why."

CNET has contacted Apple for comment and will update this report when we learn more.

Honan's online existence was compromised last week by a hacker who used his AppleCare and Amazon IDs, along with his billing address and last four digits of his credit card to take control of his various online accounts. In a blog post Friday, he said an AppleCare representative fell prey to some social engineering , leading to the sabotage of Honan's online life -- with his Google and Twitter accounts being deleted and his MacBook, iPad, and iPhone being wiped clean.

Saying that its " own internal policies were not followed completely ," an Apple representative told Wired yesterday that the company was "reviewing all of our processes for resetting account passwords to ensure our customers' data is protected."

Amazon responded yesterday by closing the same exploit in its own system , a company representative confirmed today.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Is your phone battery always at 4 percent?

These battery packs will give your device the extra juice to power through all of those texts and phone calls.