Reporter finds himself on the receiving end of AOL customer service social engineering
Incident Date: May 1998
Incident Location: USA
Reporter Jim Hu found out first hand how failures in American Online’s (AOL) customer service department can affect the security of customers. After a May 1998 interview with a hacker allegedly responsible for an attack on the ACLU, Mr. Hu finds that the hacker has broken into his AOL account. He infers that the hacker obtained his password by contacting AOL customer service.
Seeking to test the security himself, Mr. Hu calls AOL customer service to find out whether they properly identify him before making account changes. AOL customer service reps do request credit card or checking account verification during his first three calls. However, on the 4th attempt Mr. Hu discovers that the customer service representative doesn’t request personal information.
Title: How I got hacked on AOL
Author: Jim Hu
Publication: CNET News.com
Publication Location: USA
Publication URL: http://news.com.com/2100-1023_3-211631.html?tag=rn
Do you have additional information to contribute regarding this story? If so, please email firstname.lastname@example.org with the details and source.