This is blatantly terrifying. Many times when the average person thinks about “hackers” they think of the persona portrayed by Hollywood and the media. Many times that persona is wiped away when you read even slightly detailed stories about modern security compromises that happen and the explanations behind them. You get just a small glimpse into how clever some people are, and it’s amazing.
Then you read stories like this. Stories that outline that there’s a completely different vector that not many of us think about. Sometimes security blunders have nothing at all to do with the technology, but instead with the people put in charge of maintaining and supporting that technology. It’s not always the software that’s the weak link, but instead something so seemingly unrelated as a customer support employee.
I am blown away that social engineering is still as applicable as it is.