smakki

Q: iPhone 6  stolen and Apple ID hacked in China

I owned an unlocked iPhone 6+ purchased in the U.S. I am in China on a business trip, and was using wifi provided by the organisers of the expo I am attending.

My iPhone was stolen 2 days ago from my booth at the expo. I realised it was gone and within minutes of the theft,

logged onto icloud loud from my MBP and checked the Find My iPhone tab. It showed my device offline.

 

my passcode and Touch ID were disabled at the time of the theft. but find my iPhone was turned on.

 

i filed a police report, and for the past days incessantly kept checking the Find My iPhone app on my spare phone

as well as on my MBP.

 

suddenly last evening, I got a notification saying that my Apple ID or password is incorrect.

 

i tried downloading an app from the App Store and it said the same. At this point I realised that my Apple ID had

been compromised. I logged on with MBP and changed the security questions and regained control of my iCloud.

 

but but to my disbelief my iPhone 6+ was not visible any more in my list of devices. I was totally shocked.

 

my questions are:

 

How did the thieves or hackers get to know my Apple ID password ( I have not notes or written it anywhere on my iPhone)

How did they manage to remove my iPhone 6+ from my list of devices ?

I have my box and receipt from the Apple Store, how can I blacklist my iPhone on the activation server ?

iPhone 6 Plus, iOS 8.3

Posted on May 24, 2015 7:16 AM

Close

Q: iPhone 6  stolen and Apple ID hacked in China

  • All replies
  • Helpful answers

  • by Meg St._Clair,

    Meg St._Clair Meg St._Clair May 24, 2015 7:34 AM in response to smakki
    Level 9 (58,959 points)
    iPhone
    May 24, 2015 7:34 AM in response to smakki
  • by FelipeV,

    FelipeV FelipeV May 24, 2015 7:48 AM in response to smakki
    Level 5 (6,723 points)
    iPhone
    May 24, 2015 7:48 AM in response to smakki

    smakki wrote:

     

     

    How did the thieves or hackers get to know my Apple ID password ( I have not notes or written it anywhere on my iPhone)

    How did they manage to remove my iPhone 6+ from my list of devices ?

    I have my box and receipt from the Apple Store, how can I blacklist my iPhone on the activation server ?

    1). You should have changed your Apple ID (and other) passwords as soon as you became aware of the theft. Your passcode was disabled. The thieves had total access to you phone. They probably made an educated guess or used a phishing scam to get your password. Or they managed to reset your password by answering your security questions with information gleaned from your phone. Or used a brute force password hack. The possibilities are endless.

     

    2).Once they had access to your iCloud/Apple ID, they could do pretty much what they wanted.

     

    3). Apple does not blacklist phones. As Meg has said, contact Security ASAP. Use two step verification for your Apple ID; it will offer an added layer of protection.

  • by Coolbobcat2,

    Coolbobcat2 Coolbobcat2 May 24, 2015 8:03 AM in response to smakki
    Level 3 (516 points)
    May 24, 2015 8:03 AM in response to smakki

    Hi,

     

    It can be hard to determine how the person whoever gained access to your Apple account got the information to login into your account. Usually when Apple determines unusual activity on your account, they'll send you an e-mail about the location, and time the account was signed into. You may be able to find that e-mail to help you a little more understand about how they gained access to your account. In the meantime, you can attempt to change your Apple ID password. I'll provide a link below from Apple that provides more insight on how to change your Apple ID password as well as other tips that may help with a compromised account.

     

    The iPhone 6+ could have been removed from your list of devices from accessing Apple's iCloud or Find my iPhone service with the Apple ID credentials.

     

    I'm not quite sure if you could have your iPhone blacklisted with Apple, I could be wrong, but don't hesitate to try. Here's the link I said I'd provide:

    If you think your Apple ID has been compromised - Apple Support

     

    Best of Luck,

  • by Metaprognostication,Helpful

    Metaprognostication Metaprognostication May 24, 2015 9:07 AM in response to smakki
    Level 1 (77 points)
    May 24, 2015 9:07 AM in response to smakki

    Did you have your email that was the primary email address for your apple ID setup on the phone itself? 

     

    If you did, that might be how they were able to get in.  You can reset the password by email verification.  So if the email linked to the Apple ID was setup on the phone, they could've just sent a reset password link to the email, went into the mail app, got inside your email, and changed the password from there. 

     

    If you didn't have a passcode on the phone, then that would be a very distinct possibility.  One thing you could've done was to change the email password as well so they could not have gotten in.

     

    It's highly unlikely that they could've done any sort of brute force method; the apple id account would've locked itself if you inputted the password too many times.  I believe it's around 10 times, and it'll lock itself.

  • by FelipeV,

    FelipeV FelipeV May 24, 2015 11:42 AM in response to Metaprognostication
    Level 5 (6,723 points)
    iPhone
    May 24, 2015 11:42 AM in response to Metaprognostication

    Metaprognostication wrote:

     

    Did you have your email that was the primary email address for your apple ID setup on the phone itself?

     

    If you did, that might be how they were able to get in.  You can reset the password by email verification.  So if the email linked to the Apple ID was setup on the phone, they could've just sent a reset password link to the email, went into the mail app, got inside your email, and changed the password from there.

     

     

    Good point. Forgot about that. As the OP never had (or disabled) the passcode, once the thieves were able to access the phone itself, they had a lot of leeway with what they could do.

     

    In the end, security is as good as the individual is willing to make it good.

  • by Cerveira,

    Cerveira Cerveira Feb 6, 2016 3:54 PM in response to FelipeV
    Level 1 (0 points)
    Feb 6, 2016 3:54 PM in response to FelipeV

    I had a similar issue except that my iPhone was locked AND with touch id activated. The less than half hour the thief gained access to my phone and then reset the Apple id password. The big question is HOW IT'S POSSIBLE TO GAIN ACCESS TO A BLOCKED iPhone???

  • by fivetonine,

    fivetonine fivetonine Mar 29, 2016 1:45 AM in response to smakki
    Level 1 (4 points)
    Mar 29, 2016 1:45 AM in response to smakki

    I had the same problem last week in China. Someone sniffed not only my password and Apple ID, but they contacted Apple Support in China (which sent me a Case ID) and then changed the password and security questions using the Device Serial Number of one of my devices. These have been in my possession all the time! So how could they have my serial numbers?

     

    Then I received the usual set of emails - your password was changed, your security questions were changed, your e-mail was changed. And gone was my Apple ID, in the hand of Hijackers. It took me two days and very good support from Apple Care Australia to get it back. The shock still sits with me.