Bubblegum33

Q: iMessage hacked

I woke up this morning to see that my iMessage account had been added to an iPod touch, and 100 or so messages had been sent.  They ran my phone balance down from £10, to £0, and then it seems to have stopped. You can see a screen shot below:|
**********

 

I immediately changed my password/security questions etc.
I can't set up 2 step verification for 3 days. But will do that immediately.

 

Is there anything else I need to do to ensure I am secure again?
What else can they access?

 

Is there anything I need to do to inform Apple that this has happened so they can try to prevent it in the future?

 


I'm surprised it has happened as I never click links inside the emails or enter my details, I always forward them to phishing straight away...

 

Many thanks

 

 

 

Many thanks.

 

<Image Edited for Personal Information>

iPhone 6s, iOS 9.3.5, null

Posted on Sep 13, 2016 5:55 AM

Close

Q: iMessage hacked

  • All replies
  • Helpful answers

  • by Carolyn Samit,

    Carolyn Samit Carolyn Samit Sep 13, 2016 2:12 AM in response to Bubblegum33
    Level 10 (122,600 points)
    Apple Music
    Sep 13, 2016 2:12 AM in response to Bubblegum33
  • by Carlos CR,

    Carlos CR Carlos CR Sep 29, 2016 6:24 AM in response to Carolyn Samit
    Level 1 (4 points)
    iPhone
    Sep 29, 2016 6:24 AM in response to Carolyn Samit

    Hi This happened to me today as well, When I woke up I received an email saying that my apple account was used to connect to iMessage with a Macbook Pro 13" called "Macen".

     

    I checked iMessage and there are like 20+ Messages with Chinese Language

     

    I immediately changed the password and security question and also requested the 2 Steps verification but I need to wait 3 days to enable it.

     

    I have a real concern on this, since I had a strong password in my account and Apple Id has sensitive information so have Apple database has been hacked?

     

    I only use my apple ID in my iphone I can recall the last time I used to find my iphone on a PC but that was lots of months ago.. So I'm really concern about this... Has apple provide some info on this yet? IMG_8960.PNGIMG_8961.PNG

  • by Phakom,

    Phakom Phakom Oct 1, 2016 12:05 PM in response to Carlos CR
    Level 1 (15 points)
    Oct 1, 2016 12:05 PM in response to Carlos CR

    i faced the same today morning and it was scary and annoying to see tons of messages in chinese. i happen to reset my password but not sure if this is a wide spread attack. i have both an Ipad 2 and Iphone 5s liked to my apple id.

     

    Phone number sending the span chinese imessages starts with numbers +86 139-XXXXXXXXX.

     

    Here is the other the post i did : Imessage account hacked

  • by Carlos CR,

    Carlos CR Carlos CR Oct 4, 2016 12:38 PM in response to Phakom
    Level 1 (4 points)
    iPhone
    Oct 4, 2016 12:38 PM in response to Phakom

    wow, looks like this thing is being spread... I think there must be some vulnerability at Apple that is allowing Chinese hackers to access iMessage regardless the Cell Phone companies or even the Country.

     

    I hope Apple do something quickly since banking information is on this apple id's ... not good!

     

    I the meantime I changed my apple Id pass and set up the 2 steps confirmation, however, since root cause has not been found I'm not sure if this actions will keep us safe from Hackers.

  • by KiltedTim,

    KiltedTim KiltedTim Oct 4, 2016 12:45 PM in response to Carlos CR
    Level 9 (55,990 points)
    Mac OS X
    Oct 4, 2016 12:45 PM in response to Carlos CR

    The Vulnerability is not at Apple. It's with poor password practices by the owners of the accounts that have been hacked.

    There have been several large, high profile leaks recently, most notably the disclosure that roughly 500,000,000 accounts were leaked from yahoo. ( http://mashable.com/2016/09/22/yahoo-confirms-data-breach/#1Aa_e17kysqK )

     

    People who follow poor security practices, like using the same password for multiple sites or online services are extremely vulnerable to having other accounts compromised when something like this happens.

     

    Use unique strong passwords that are different for every site and service you use or subscribe to and enable 2 factor or 2 step authentication whenever it is an available option. That will greatly reduce your risk.