Electronista

Mobile News   iPad  
updated 03:47 PM EDT 03.22.13
Exploit allows Apple ID account hijack with little info [u]
(Updated with Apple disabling the iForgot password retrieval page) A new exploit lets people hijack an Apple ID account using only an email address and someone's date of birth, says The Verge. The process involves pasting in a modified URL while answering the date of birth question on Apple's password retrieval page. Doing this lets someone reset an Apple ID's password, locking out the original owner unless they can get Apple's help.