User profile for user: JimmyCMPIT
JimmyCMPIT
User level: Level 7
(29,223 points)

Public Service Announcement: Hacked ID's

by:  JimmyCMPIT
Last modified: Aug 4, 2017 8:25 AM
7 2650 Last modified Aug 4, 2017 8:25 AM

Twice in the past 24 hours someone has posted a message saying their ID was hacked and a hacker demanding $50 in bitcoin from at address hosted on the gmx mail server (...@gmx.com; BTW I've contacted the postmaster at GMX but I'm not holding my breath.). While I'm not the expert to tell you this is a trend or a rarity I am posting for the sake of users here who may or may not be aware there are simple steps to take that can protect your account far better from a potential "hack"


Firstly:

if this is a hack don't pay anyone regardless. There is no guarantee you will get your system unlocked by anyone.

Contact Apple at 1-800-MY-APPLE or use apple.com/contact for a list of worldwide phone numbers. and if you think your Apple ID has been compromised see this article:

https://support.apple.com/en-us/HT204145


Secondly consider the following preventive measures if you have not done so already:

You may wish to change your Apple ID log/pass with a password you do not use for any other on line service. If you use your same log/pass combo with another service (e.g. Yahoo, Twitter, Facebook, etc.) and that service is "hacked" then the perpetrators have to only try typing this same combo in any other service to get into your other accounts.

To change your Apple ID password, see the link below:

https://support.apple.com/en-ca/KM205079


To change the Email associated with the ID or remove the email currently in use:

https://support.apple.com/en-us/HT202667


Also consider enabling two factor authentication if you have not done so already.

Availability of two-factor authentication for Apple ID - Apple Support

Comments

User profile for user: LACAllen
LACAllen
User level: Level 8
(43,416 points)

Aug 12, 2017 11:28 AM

And to add...


This can only happen...


- if you have either Find My Phone of Find My Mac enabled.


- If you are using Apple's 2FA on your Apple ID.


- if they know your Apple ID and current password. So, changing your password ASAP is indeed critical to avoid it happening again.


It's an exploit of the shortcut to accessing the Find My Device feature at icloud.com. If you sign in with your Apple ID and current password, a prompt for the 6 digit verification code will be sent. You can bypass/ignore that prompt and still use the Lost Mode feature of Find My Device to enable Lost Mode.


For iOS devices, simply use your current lock screen passcode to end Lost Mode. They did not change it.


For a Mac, if you didn't have one already, they placed a firmware password on your Mac. Bring your proof of ownership to an AASP or ARS to have it removed. If you do have a firmware password, enter it to stop Lost Mode.

Aug 12, 2017 11:28 AM

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up