←back to thread

Didn’t Homejoy Shut Down?

(medium.com)
1121 points alokedesai | 2 comments | 28 Oct 15 19:51 UTC | HN request time: 0s | source
Show context
rathboma ◴[28 Oct 15 20:07 UTC] No.10466991[source]
You might want to obfuscate the last 4 digits of your credit card in that screenshot given how useful it is for hacking other systems.
replies(2): >>10467003 #>>10467108 #
johnsalzarulo ◴[28 Oct 15 20:21 UTC] No.10467108[source]
Card's already canceled. Thanks though.
replies(4): >>10467173 #>>10467182 #>>10467184 #>>10467404 #
1. lemevi ◴[28 Oct 15 20:31 UTC] No.10467184[source]
Doesn't matter, it's still confidential information that can be used to verify you or used to social engineer more information about you. "Hi sir, I'm calling in because I lost access to my account, I don't have my current card, but I do have the last 4 of my previous that I used on this service, will that be good enough?"

Like don't reveal unnecessary information if you don't have to. It's low effort, high risk.

replies(1): >>10467542 #
2. vladd ◴[28 Oct 15 21:24 UTC] No.10467542[source]
You should read: http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/

>> It turns out, a billing address and the last four digits of a credit card number are the only two pieces of information anyone needs to get into your iCloud account. Once supplied, Apple will issue a temporary password, and that password grants access to iCloud. <<

[Apple may have changed their policy meanwhile, but likely others did not]