Hackers broke past DeRay Mckesson’s two-factor verification protections by stealing his phone number

A hacker was able to gain access to Deray Mckesson's phone today just by knowing the last four digits of his Social Security number.

The hacker called Verizon and impersonated Mckesson and changed his SIM (where a user's phone number is stored) to another phone. Once transferred, the hacker was able to bypass the two-factor authentication Mckesson had set up on his Twitter account (@deray), two email addresses, and his phone.

Since learning of the hack, Verizon has said it "has other safeguards in place" to prevent the same issue happening in the future.

I was hacked today: my Twitter account, two email addresses, & my phone. It was not due to passwords, they hacked my phone account itself.

— deray mckesson (@deray) June 10, 2016

At 10:31 am, someone called @verizon impersonating me and successfully changed my SIM & unsuccessfully attempted to change my phone number.

— deray mckesson (@deray) June 10, 2016

By calling @verizon and successfully changing my phone's SIM, the hacker bypassed two-factor verification which I have on all accounts.

— deray mckesson (@deray) June 10, 2016

Today I learned that it is rather easy for someone to call the provider & change your SIM. The hacker got the account verification texts.

— deray mckesson (@deray) June 10, 2016

I'd realized that my phone had been hacked & separated from the actual phone number when the web only routed here: pic.twitter.com/zwYygVfbYy

— deray mckesson (@deray) June 10, 2016

The staff from @twitter were incredibly helpful once alerted and helped to both delete some of the hacked tweets and give me back access.

— deray mckesson (@deray) June 10, 2016

They simply needed to last four digits of my social security number to gain full access to my @verizon account. https://t.co/EHTJhkTQE3

— deray mckesson (@deray) June 10, 2016

The hacker got access by changing my SIM which redirected texts, then resetting my passwords to trigger two-factor authentication. Intense.

— deray mckesson (@deray) June 10, 2016

They didn't need the passwords up front. They changed the SIM, reset the passwords, got the codes, reset passwords. https://t.co/oAT8MmjgnE

— deray mckesson (@deray) June 10, 2016

EP

There's never a dull moment in the ongoing saga of American Apparel. 

This week, the Business of Fashion reported a rumor that the company has hired an investment bank to discuss a possible sale. When the publication reached out to Dov Charney, who founded the company in 1989 but was ousted from his role as CEO in December 2014, he said that he would consider buying his former company if the price was right. In January, he unsuccessfully tried to purchase American Apparel for $300 million with the help of investors. 

Charney was kicked out of the company by the board for a litany of alleged reasons, including misusing funds and allowing the publication of naked photos of former employees who had sued him for sexual harassment. He was replaced by fashion industry veteran Paula Schneider.

Our Anjali Mullany recently interviewed Schneider for an in-depth feature and described  her plans to breathe new life into the brand. Here's an excerpt about how her team is reimagining the company's imagery. 

…Schneider's marketing team is attempting to tone down American Apparel's ads without diluting the brand. "All we did is change the gaze from a voyeuristic male gaze to [a] female point of view," Schneider says. "She should still be sexy, or he should still be hot, but it's not as sexualized." Design director of branding Benno Russell (who worked for the company for 11 years until he left in 2014, and was rehired by Schneider's regime last year) says the distinction between the two points of view is pretty simple. "The male gaze entails that you're creating an image for male consumption—and if you refute that, the opposite is the female gaze," he laughs. "It's crucial you have somebody being photographed who feels empowered and is empowered, versus someone who is more subjugated," he adds.

After all the talk about diversity in tech, and all the energy spent trying to attract women to the field, IT remains a largely male-dominated occupation, and one increasingly reliant on foreign-born workers. That's the hard truth from a new report by the U.S. Census Bureau. 

In 1990, about 31% of jobs under the general heading "IT" were filled by women. After that the number fell 6%, the report says, to 25% in 2014.  Meanwhile, the number of women in the workforce in general has grown from 38% to 47%. Foreign-born workers now constitute almost a quarter (24%) of the U.S. IT workforce, and that number is growing, the report shows.

The IT field in general has blossomed in both numbers and complexity over the past four decades. In 1970 there were about 450,000 IT jobs in the U.S.; now there are 4.6 million (or about 2.9% of the workforce). Only three categories of IT jobs existed in 1970; now there are 12.  MS

The First Family of Facebook may be making good on their pledge to give away most of their wealth. Mark Zuckerberg recently sold around $95 million worth of Facebook stock to fund Chan Zuckerberg Initiative Holdings and the Chan Zuckerberg Foundation. The sale was disclosed as part of a regulatory filing and reported on late Friday by Bloomberg. Comprising more than 760,000 shares, it marked the first big sell-off to fund the Facebook chief's philanthropic ventures. 

Following the birth of their daughter in December 2015, Zuckerberg and his wife, Priscilla Chan, pledged to give away 99% of their wealth. Some critics have doubted that their motives were purely altruistic, noting that the couple had set up an LLC, as opposed to a charitable trust. 

Either way, it's a good time to sell. Facebook shares have been booming since late July, when the company—bolstered by soaring mobile ad sales—crushed earnings estimates   CZ

Only hours ago news dropped that Paul Manafort resigned as Donald Trump's campaign manager, and now CNN reports that the Justice Department and the FBI are eyeing Manafort's firm as part of a wider investigation into the possibility that U.S. firms aided corrupt Ukrainian president Viktor Yanukovych. It's known that Manafort's firm did lobbying and PR work for Yanukovych, but the probe marks the first formal investigation into the propriety of that relationship.

Yanukovych and members of his party were ousted from power after a public uprising in 2014.

The probe is also looking at Yanukovych's dealings with the Podesta Group—the lobby firm run by Tony Podesta, brother of Clinton campaign chairman John Podesta. MS

You can be a "Patriot," you can jump on board the "TrumpTrain," you can be "Big League," and you can even find out how much time is left until "We Defeat Crooked Hillary."

Coming on the heels of Hillary Clinton's mobile app, Donald Trump has released his own: "America First" is a tool for iOS and Android that lets fans of the Republican presidential nominee try to earn points by "taking action to unlock special activist badges and win prizes."

The app offers Trump videos, the ability to check in at rallies, and a leaderboard.

And much like Trump's frequent promises to reveal many more policy positions at some undetermined point in the future, the app's iTunes page similarly commits to rolling out "many more features" in the weeks ahead.

Election Day is November 8. DT

It's billed as "the most unique, and quite possibly the first, Apple-1 ever created." The "Celebration" Apple-1 was built by Steve Wozniak and Steve Jobs in Jobs's parents' house on Crist Drive in Los Altos, California in 1976. It's now selling at auction at Charitybuzz.com.  The bidding has already reached $270,000 (after a total of three bids) with more than a week left in the auction. The proceeds will go to the Leukemia & Lymphoma Society of Arizona.

The board (which could feasibly be powered up with some repairs) includes a period-correct power supply, original Apple-1 ACI cassette board, early Apple-1 BASIC cassettes, original marketing material, and a complete documentation set. MS

According to the New York Times:

• General Motors
• Apple
• Google
• Amazon
• Uber
• Didi Chuxing

Talks were most serious with GM, which The Information reported earlier this month. According to the Times, Lyft's $5.5 billion valuation has been the biggest barrier to finding a buyer. SK

It's #NationalAviationDay. We're celebrating NASA tech on board. #FlyNASA pic.twitter.com/FKmBUkbUW7

— NASA Aeronautics (@NASAAero) August 19, 2016

Glass cockpits. Winglets. Chevron nozzles on Boeing's 787 Dreamliner engines.

These are some of the innovations that NASA has contributed to aviation and that it is touting today as part of National Aviation Day.

So while you probably think of Space Shuttles and the International Space Station–which most of us never got to experience–when you think of NASA, the space agency doesn't want you to forget its impact on the airplanes we fly on every day. DT

This story has been updated.

For weeks, Donald Trump supporters have expressed increasing levels of distrust about the voting process—and new poll numbers show the extent of those doubts. Only 11% of his supporters are "highly confident" that votes across the country will be counted accurately in the general election, per a new survey by Pew Research Center. Hillary Clinton's supporters aren't that much more confident—only about half of them (49%) are highly confident votes will be counted accurately.

Just 38% of voters backing Trump are very confident their vote will be accurately counted https://t.co/INqpArlCi1 pic.twitter.com/1PYJeXeWVu

— Pew Research Center (@pewresearch) August 19, 2016

MB

Digital attacks on the World Anti-Doping Agency's servers are likely the work of Russian state-sponsored hackers, according to security firm ThreatConnect. 

The hacks may be a response to WADA's ban of Russian athletes linked to state-sponsored doping from the Rio Olympic and Paralympic Games, the company said in a blog post Friday.

Domain names used in phishing attacks spoofing WADA accounts were registered using webmail providers and anonymous domain registration sites previously used by the Russian group nicknamed Fancy Bear, also linked to recent attacks on Democratic Party servers. The domains were registered around the time of the Russian ban announcement, according to ThreatConnect.

Since an email address and WADA login belonging to Yuliya Stepanova—a Russian athlete who exposed details of the country's state-sponsored doping program—were also hacked, ThreatConnect researchers speculated the attacks may partially be an attempt to intimidate future whistleblowers. SM

Vevo has big plans, and it's seeking big bucks to execute them.

The video hosting service has enlisted the help of Goldman Sachs as it tries to raise as much as $500 million in funding, according to the Financial Times. Whatever cash it manages to raise will go toward expanding overseas, creating more original videos, evolving its apps, and building out the infrastructure, manpower, and licensing deals it needs to launch a subscription service. 

Started in 2009 by Universal Music and Sony, Vevo hired a new CEO earlier this year and is busy investing in original, MTV-style programming, in addition to working toward its subscription service. But first, it needs money. Lots of it. JPT

Health insurance giant Aetna said earlier this week that it would pull back from the Obamacare exchanges, citing financial losses. That generated a firestorm of criticism of the Affordable Care Act from conservative leaders, including Ted Cruz. 

But a report in Huffington Post suggests that a key trigger may have been the Department of Justice's decision to block Aetna's potentially lucrative merger with Humana. That report included a letter from Aetna's CEO to the DOJ with a thinly veiled threat: "[I]f the deal were challenged and/or blocked we would need to take immediate actions to mitigate public exchange and ACA small group losses."

On social media, many are debating the following: Is Aetna's decision to cut its support for Obamacare evidence that the exchanges are failing? Or did Aetna's executive team use its participation as leverage to ensure its merger would be approved? The answer depends on your politics. 

Another blow to Obamacare: https://t.co/kuCv6Iuxh5

Now help us fight for #FullRepeal: https://t.co/vUjcoX2JPN

— Ted Cruz (@tedcruz) August 18, 2016

.@Aetna's threat to Dept. of Justice: If you reject our merger, we will pull out of health exchanges. Must read: https://t.co/z8YneBwhPK

— Bernie Sanders (@BernieSanders) August 17, 2016

Lesson for the next big insurer hoping to use Obamacare to extort the government is don't put the threat in writing. https://t.co/zjp2ajkSef

— Brian Beutler (@brianbeutler) August 17, 2016

The plot thickens: Aetna was profitable in Pennsylvania's Obamacare hix. They quit anyway, @bjdickmayhew reports. https://t.co/P0WCZZl5ir

— Dan Diamond (@ddiamond) August 17, 2016

CF