Good on Washington Post reporter Brian Krebs for digging deep into Paris Hilton’s hack, uncovering how a group of kid hackers slowly worked the T-Mobile system, exploiting both security weaknesses in their web site and common sense weaknesses in T-Mo employees. It seems the kids had the ability to pwn any Sidekick to which they knew the phone number, and conned a store employee to give them access to a database of users.
“Major corporations have made social engineering way too easy for these kids. In their call centers they hire low-pay employees to man the phones, give them a minimum of training, most of which usually dwells on call times, canned scripts and sales.”
Paris Hilton Hack Started With Old-Fashioned Con [WashingtonPost]
