
Teen Who Hacked CIA Director's Email Tells How He Did It - ca98am79
http://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/?mbid=nl_102015
======
wyldfire
> ... providing the Verizon employee with a fabricated employee Vcode ... got
> the information they were seeking. This included Brennan’s account number,
> his four-digit PIN, the backup mobile number on the account, Brennan’s AOL
> email address and the last four digits on his bank card.

What's the use case for giving out the PIN? Seems like some elements of the
account holder's record should be revealed to no one by default and only
accept input and give confirmation. Perhaps the default behavior should be not
to trust the support team with this information.

