I had the same IP address for 5 years. 5 months ago I installed a new router and got a new IP address. I have just requested an activity log from Apple and it shows that someone is accessing my Apple account and they have my old IP address. I believe I have unknowingly been made part of a network so that my accounts can be accessed
An IP address does not give someone access to your iCloud account.
If you mean your old AppleID username, then I don't think that is supposed to be possible.
However, I would change the AppleID password. Are you using two factor authentication? If so, you would be notified that someone was trying to log into your account.
Possible...
Malwarebytes...
https://www.malwarebytes.com/mac/
Or Mojave Cache Cleaner, which rubs on more than just Mojave & can test for Key Loggers also...
I realise that IP locations information isn't that reliable but it is too much of a coincidence that an IP address that I had for 5 years is showing in the same location as my current IP address.
Why not. The only thing the location of your IP address can tell you is the address of the registered owner of that IP address. You are most likely not the registered owner of that IP address. If you BT and Sky IP addresses are both registered in London (high probability), then they will be in the same location. I can't imagine two hosting companies that might possibly be closer in registration.
Dynamically-assigned LAN IP addresses change at the whim of the LAN-local DHCP server.
The DHCP servers in some routers might persistently map IP addresses via client media access control address, but that’s not a particularly common feature.
LAN-local IP addresses aren’t visible to Apple.
You are paranoid. I am. We all are. To a degree. There are folks out to get each and all of us, after all. The question here then becomes how much the attackers are willing to invest in gaining access. Whether the degree of paranoia is justified. There are folks well worth the investments of and the risks of a dedicated attack. For many others, not so much and the generic security attacks and the probes for generic mistakes will be used.
If you're an investigative journalist or a political activist or a dissident or a part of a political campaign or well-known or rich, or somebody with access to that... Then this calculation changes.
That "couldn't possibly happen" tends to be a common statement made by software developers, usually shortly before the bug is located or the misconception or the flawed assumption is identified. But then "Huh? That's weird..." has identified some rather funky problems, too.
There are a series of steps to take around your own computer security, not the least of which are configuring and maintaining complete and current and consistent backups. Preferably with some depth of backups.
Here? On thinking about this again, having access to the old IP address and having the password and the lack of Apple new-device-access notifications, makes this all look entirely incidental, such as a feature of the access logging that maintains a few different "recent" IP addresses. Having multi-factor authentication enabled and having a decently-selected password and having current software would reduce the likelihood yet further. And having robust backups can provide a path to recovery.
Change your password, if you're really concerned. Enable multi-factor if not. Commence backups, if not. But again, the chances of a rogue having your old IP address and the rest of your credentials is exceedingly slim.
I'm not inclined to have an add-on cache cleaners or add-on anti-malware tools for most cases, as those tools are themselves very ripe targets for attacks. Some of the add-on anti-malware tools from even very well-known vendors have been exploited, and few of the tools are themselves sufficiently isolated and sufficiently hardened. Adding kernel extensions and adding root-access-granted tools adds stuff to attack.
Thank you for your reply which is very helpful. I have posted on the Virgin community forum as I have a Virgin account and router but I was receiving replies stating that I am paranoid which I am definitely not and that what I was reporting couldn't possibly happen. The fact remains that I had the same IP address for over five years which changed only when I installed a new router but that the log obtained from Apple shows activity from the old IP address both on my account and that of my young son.
This is all part of a bigger situation as there is evidence that someone known to us, has been accessing our accounts and that this was possible because 'this person' originally had access to our devices, When I check the location of my current IP address it is being 'mirrored' by my old IP address and also a BT and a Sky IP address that have also shown up on activity logs. When I say 'mirrored' I mean that the IP addresses show as being in exactly the same geographical locations. I realise that IP locations information isn't that reliable but it is too much of a coincidence that an IP address that I had for 5 years is showing in the same location as my current IP address.
I hope you do not think I am paranoid but all I can think is that when 'this person' had access to my devices, he set up a network with him as the administrator and that I am on that network. Do you think that is a possible explanation please?
You can see your outside IP here, what the whole world sees, do not post it though...
Concur with Barney-15E...
Logins from new devices, and variously even logins from upgraded devices, and password changes, will all generate notifications from Apple.
Unless you expressly purchased a static IP address from your internet provider, your IP addresses will usually vary. Having the same IP (IPv4) address for years is increasingly unusual, given usual ISP practices, and given the exhaustion of available IPv4 addresses, and reboots from power glitches, and router firmware updates, and...
As stated, IP addresses have nothing to do with Apple ID security, or media access control (MAC) hardware addresses, or the rest. Apple ID authentication is separate from that.
IP address blocks—origin IP address blocks and the implied geographic region, and not individual IP addresses—might be used as some of the factors input into some fraud prevention systems, but again the IP addresses usually vary.
The path into your Apple ID is knowledge of your password and your multi-factor authentication, or knowledge of your password-recovery information. Not your IP address.
Chances are, there’s some “recent” historical data included that is intended to show your access patterns—or maybe some stale data—from the Apple ID access dump you got from Apple. Again, having just one IP address and for some years is getting increasingly unusual...
If you’re concerned about this, verify and potentially change your Apple ID password, and maybe your recovery data if you think that leaked. But the chances of somebody else having your same IP address and your password data or your password recovery data is pretty slim. A password reset will close that out.
If you don’t have multi-factor authentication enabled on your Apple ID, do turn that on.
But here? I wouldn’t bother with an Apple ID password change. This looks normal.
there are two IP's you get from a router one is called the WAN ip issued by the ISP (which will change as often as one week to one month) depending on the ISP, the other is called a LAN ip that comes from the router, your old one might have been something like 192.168.1.5 that is whats called a local or private ip on the LAN (in your home) the WAn side might be 10.254.16.96 that one is controlled by the ISP and will change. the only time your LAN ip will change is if you get a different router . I work for an ISP and work with FIber Optics I do this all day long
Someone is accessing my Apple account and they have my old IP address
