Incident: Unauthorized Access to Women's Digital Accounts via Password Breaking Software

Published Date: 2019-07-12

Postmortem Analysis
Timeline
1. The software failure incident involving unauthorized access to women's digital accounts by Justin Potts using Elcomsoft Phone Breaker software happened between March 2015 and December 2016 [Article 87194].

System
1. Elcomsoft Phone Breaker software [87194]

Responsible Organization
1. Justin Potts - The individual gained unauthorized access to women's digital accounts using password breaking software [Article 87194].

Impacted Organization
1. More than 100 women's digital accounts were impacted by the software failure incident [Article 87194].

Software Causes
1. The software cause of the failure incident was the unauthorized use of Elcomsoft Phone Breaker software by Justin Potts to gain access to the women's online accounts [87194].

Non-software Causes
1. Lack of proper security measures in place to prevent unauthorized access to digital accounts [Article 87194]
2. Failure of individuals to use strong and unique passwords for their online accounts [Article 87194]
3. Insufficient awareness and education on cybersecurity best practices among the affected individuals [Article 87194]

Impacts
1. Personal information and photographs of over 100 women were accessed without permission [87194].
2. The unauthorized access led to the saving of personal information of the women on the perpetrator's electronic devices [87194].
3. The incident resulted in a criminal conviction for the perpetrator, who was sentenced to three years' probation [87194].

Preventions
1. Implementing multi-factor authentication for the online accounts could have prevented unauthorized access even if the passwords were compromised [87194].
2. Regularly updating and patching software vulnerabilities could have prevented the exploitation of software weaknesses by individuals like Justin Potts [87194].
3. Conducting security awareness training for users to prevent falling victim to phishing attacks or social engineering tactics that could lead to unauthorized access [87194].

Fixes
1. Implementing stricter user authentication measures to prevent unauthorized access [87194]
2. Enhancing security protocols to detect and prevent password-breaking software usage [87194]
3. Conducting regular security audits and monitoring for unusual account access patterns [87194]

References
1. Statement from Assistant U.S. Attorney Melissa M. Marangola [Article 87194]
2. Report in the Rochester Democrat and Chronicle [Article 87194]
3. Elcomsoft's website [Article 87194]
4. Elcomsoft spokesperson as quoted by Fox News [Article 87194]
5. Department of Justice U.S. Attorney’s Office Western District of New York [Article 87194]
6. Rochester police [Article 87194]
7. FBI’s Cyber Task Force [Article 87194]
8. U.S. District Judge Charles J. Siragusa [Article 87194]

Software Taxonomy of Faults

Category | Option | Rationale
Recurring | one_organization, multiple_organization | (a) The software failure incident related to unauthorized access to digital accounts using Elcomsoft Phone Breaker software happened with the same software at one_organization, as mentioned in the article [87194]. Justin Potts gained unauthorized access to more than 100 women's digital accounts using the Elcomsoft Phone Breaker software between March 2015 and December 2016. The software was used to harvest usernames and passwords of online accounts, including Facebook, iCloud, Gmail, Yahoo, and Hotmail accounts. (b) The incident involving unauthorized access to digital accounts using Elcomsoft Phone Breaker software could potentially be considered a software failure that has happened at multiple_organization, as the software was mentioned to be used by bad actors for unauthorized access. The Elcomsoft spokesperson acknowledged that their software is sometimes used by bad people for unauthorized purposes, such as breaking into someone else's account, which is a violation of their software agreement.
Phase (Design/Operation) | design, operation | (a) The software failure incident in the article can be attributed to the design phase. The incident occurred because the individual, Justin Potts, used Elcomsoft Phone Breaker software, which is designed for forensic access to information stored in Apple devices, to gain unauthorized access to more than 100 women's digital accounts [87194]. This software, although intended for law enforcement agencies, was misused by Potts for unauthorized access, highlighting a failure in the design aspect where the software was exploited for malicious purposes.
Boundary (Internal/External) | within_system | (a) within_system: The software failure incident in this case was primarily within the system. The failure occurred due to Justin Potts using Elcomsoft Phone Breaker software to gain unauthorized access to women's digital accounts by harvesting usernames and passwords [87194]. Potts exploited the software's capabilities to break into encrypted backups, obtain and analyze backups, synchronized data, and passwords from Apple iCloud [87194]. The misuse of the software by Potts for unauthorized access to various online accounts was a contributing factor originating from within the system itself.
Nature (Human/Non-human) | non-human_actions, human_actions | (a) The software failure incident in this case was primarily due to non-human actions. The incident occurred because the perpetrator, Justin Potts, used Elcomsoft Phone Breaker software, a tool designed for forensic access to information stored in Apple devices, to gain unauthorized access to more than 100 women's digital accounts [87194]. The software itself was not designed for malicious purposes but was misused by Potts to harvest usernames and passwords, leading to the security breach. (b) Human actions also played a significant role in this software failure incident. Justin Potts, through his deliberate actions, utilized computer knowhow and password-breaking software to access the accounts without permission. His intentional misuse of the software and his unauthorized access to the accounts demonstrate the critical role of human actions in causing this security breach [87194].
Dimension (Hardware/Software) | software | (a) The software failure incident in this case was not due to hardware issues but rather due to contributing factors that originated in software. The incident involved the unauthorized access to women's digital accounts by Justin Potts using computer knowhow and password breaking software like Elcomsoft Phone Breaker [87194]. The software allowed Potts to gain access to accounts such as Facebook, iCloud, Gmail, Yahoo, and Hotmail without permission of the owners, indicating a software-related failure.
Objective (Malicious/Non-malicious) | malicious | (a) The software failure incident in this case is malicious. Justin Potts gained unauthorized access to more than 100 women's digital accounts by using computer knowhow and password breaking software [87194]. He accessed accounts like Facebook, iCloud, Gmail, Yahoo, and Hotmail without permission and obtained personal information and photographs of the women [87194]. Potts saved this personal information on his electronic devices, indicating a clear intent to harm the system and violate the privacy of the account owners. Additionally, the software used by Potts, Elcomsoft Phone Breaker, is primarily intended for forensic access to information stored in Apple devices for law enforcement agencies, but it was misused in this case for malicious purposes [87194].
Intent (Poor/Accidental Decisions) | poor_decisions | (a) The intent of the software failure incident: The software failure incident in this case falls under the category of poor_decisions. The incident involved a man named Justin Potts who gained unauthorized access to over 100 women's digital accounts using password-breaking software. Despite the software being intended for forensic purposes for law enforcement agencies, it was misused by Potts for illegal activities, violating the software agreement. The software company acknowledged that their software was being used by bad people for bad purposes, indicating a failure due to poor decisions made by the individual misusing the software [87194].
Capability (Incompetence/Accidental) | development_incompetence, accidental | (a) The software failure incident in Article 87194 can be attributed to development incompetence. The incident involved a man named Justin Potts gaining unauthorized access to women's digital accounts by using computer knowhow and password breaking software, specifically Elcomsoft Phone Breaker. The software, designed for forensic access to information stored in Apple devices, was misused by Potts to harvest usernames and passwords, indicating a lack of professional competence in ensuring the software's ethical use [87194]. (b) Additionally, the incident can also be categorized as accidental, as the Elcomsoft spokesperson mentioned that their software is sometimes used by bad actors for unauthorized purposes like breaking into someone else's account, which is a violation of their software agreement. The spokesperson acknowledged that while their software is primarily intended for Law Enforcement Agencies, they have limited control over preventing its misuse by individuals like Potts, indicating an accidental aspect to the misuse of the software [87194].
Duration | temporary | The software failure incident described in the article is more aligned with a temporary failure. The incident involving Justin Potts gaining unauthorized access to women's digital accounts through the use of Elcomsoft Phone Breaker software occurred between March 2015 and December 2016 [Article 87194]. This indicates that the unauthorized access and breach of accounts were limited to a specific time frame, making it a temporary software failure incident.
Behaviour | value, other | (a) crash: The software failure incident in the article does not involve a crash where the system loses state and does not perform any of its intended functions [87194]. (b) omission: The software failure incident does not involve omission where the system omits to perform its intended functions at an instance(s) [87194]. (c) timing: The software failure incident does not involve timing issues where the system performs its intended functions correctly, but too late or too early [87194]. (d) value: The software failure incident involves a value issue where the system performs its intended functions incorrectly. In this case, the software was used by an individual for unauthorized access to women's digital accounts, violating the software agreement [87194]. (e) byzantine: The software failure incident does not involve a byzantine behavior where the system behaves erroneously with inconsistent responses and interactions [87194]. (f) other: The other behavior in this software failure incident is unauthorized access and misuse of the software for illegal activities, specifically breaking into someone else's accounts [87194].

IoT System Layer

Layer | Option | Rationale
Perception | None | None
Communication | None | None
Application | None | None

Other Details

Category | Option | Rationale
Consequence | property | (d) property: People's material goods, money, or data was impacted due to the software failure. The consequence of the software failure incident in this case was related to property. The unauthorized access gained by Justin Potts to more than 100 women's digital accounts, including Facebook, iCloud, Gmail, Yahoo, and Hotmail accounts, resulted in him obtaining their personal information and personal photographs without permission. He then saved this personal information on his electronic devices [87194].
Domain | information | (a) The failed system in this incident was related to the industry of information, specifically the unauthorized access to women's digital accounts such as Facebook, iCloud, Gmail, Yahoo, and Hotmail accounts [Article 87194].
