At least part of the hack that led to the above was a result of a rather "open" loophole in Amazon.com's security. Prior to Tuesday, Amazon.com allowed people to call customer support and change the email address associated with an Amazon.com account or add a credit card number as long as the caller could provide three relatively easy-to-find pieces of information: name, email address and billing address.
The prior policy was exploited by hackers who gained control of Matt Honan's Amazon.com account. Once the main hacker (who called himself "Phobia" in his communications with Honan) had control of Honan's account, he was able to view the last four digits of a credit card linked to the account (Amazon.com does not expose all the digits of a credit card when a customer views their account profile).
It was the Twitter account that was the actual target, and just for lulz.
On Tuesday, that policy was changed. Phone calls to Amazon.com customer service confirmed the change, although there was no "public announcement." However, CS personnel who discussed the policy change with us said that it had been done to increase account security, and that the change had been made only that morning.
It's cold comfort to Honan, but it's something that other Amazon.com customers can be happy about.