New ask Hacker News story: The ability to reset your iCloud password with a keycode is a security flaw

4 by gkiely | 2 comments on Hacker News.
I just wanted to share this in the hopes that someone at Apple sees this and to make others aware of the scam.

A friend of mine over the weekend mistakenly tried to help someone and they saw him enter his passcode. The thieves took his phone and then shortly after his iCloud password was reset, making it impossible to access the phone or disable the phone via find my phone. The perps then had access to all his accounts, started making fraudulent charges and likely accessing his data. This was a huge privacy breach for him and Apple is unable to do anything other than reset the iCloud password, which takes 24 hours. I am unsure if this will rectify the issue.

My friend made a mistake but nonetheless this could've been prevented by a simple security question or 2-factor authorization from another device. I've included a number of other occurrences of this happening below.

I call on anyone who works at Apple to raise this issue up the chain of command. And also to reaffirm the advice to never give your phone to a stranger, which I unfortunately had not given to this friend.

People who have had this issue:
https://ift.tt/EtL8CMd
https://ift.tt/3ZtoqEA
https://ift.tt/l9vkCoK
https://ift.tt/K5UZ6uI
https://ift.tt/WakQsDA
https://ift.tt/9eVngzH
