You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

"This password has appeared in a data leak" notice on iPhone

Is there any way to find out what website the data leak was from when getting this on my iphone settings?


I want to find the culprit for me now having to change my password used on 59 other sites



[Re-Titled by Moderator]

iPhone 11

Posted on Sep 29, 2020 9:22 AM

Reply
Question marked as Top-ranking reply

Posted on Nov 7, 2020 5:33 AM

I have a similar scenario, receiving a notification on my iPhone that approx 80 of my username/passwords are the subject of a data breach. However many of my passwords on this notification are different. Ie, not the same password across all sites. I often use a similar password but with different letters or numbers at the end.


Some of these notifications even related to my wife's email addresses and passwords, and one was my sons school log-on with different passwords.


So how can it be that all these websites have suffered data breach at the same time??


I can understand the concept of, say, a retailers website getting hacked and suffering a data breach that contains a list of all its customers including my email and password. And I get that as a precaution Apple may notify me about a potential breach for any other websites where I may have the same email & password combination. But why would I be notified of many other passwords being at risk? Is it because they may contain 'part' of the same password? But that still doesn't explain the notifications relating to my wife and sons passwords which are nothing like mine.


Its almost as if Apples whole key chain password app in my iPhone has been compromised and its spat out all the ones that don't contain a 18 key encryption.


I'm slowly working through them all again and changing them.


Thanks



133 replies

Jul 31, 2021 5:52 PM in response to Aqellezra

I don't know whether this answer has been suggested - I didn't read the whole thread...but I'd like to suggest that perhaps the "warning" IS the scam, like some sort of MLM fiddle, where, if you use the warning itself to initiate the password updates, that's when you are actually breaching your own security and handing the scammers your passwords. If you're really concerned about it, I suggest never following the warning's link, but restarting and then going to sites that require your password directly, as you normally would, and change them then.

Otherwise, I think the "warning" is BS, and is, in fact, the danger.

Jul 31, 2021 6:06 PM in response to IamMrZ

IamMrZ wrote:

I have just received this notification too. From the date I started recent accounts across different services it is very obvious that the data leak can only have come from Google, Apple or Microsoft or a combination of all three.

WRONG. Leaked passwords have not come from Google, Apple or Microsoft. They have come from hundreds of businesses and sites that have been hacked over the past few years. Like Equifax, Marriott, Zynga, and hundreds of others.

Jul 31, 2021 6:09 PM in response to Lawrence Finch

Thanks for the reply. I have no doubt that the various functions described in your referral are in place. But the "warning" I've been getting doesn't particulary look like an Apple graphic. And, incidentally, I'm not getting them on my phone, although I'm not sure that would matter. But, if I were looking to gather passwords nefariously, this would be an excellent way to do it.

Thanks again.

Aug 15, 2021 1:24 PM in response to Aqellezra

Hi

I have received this notification too although I use a password manager as well as having checked on HaveIbeenpawned and neither of them report a problem.

Some of these at least are clearly linked to the email address not the password.

I know this because about 4 years ago one of my email addresses was compromised in a data breach and that was reported to me by my password manager.

I retired the address and changed all the passwords associated with it.and it is mostly very old passwords I changed long ago associated with this email which are being flagged.

To be clear, the email is the same but the passwords are all different.

So I suggest you also check that the email address in the notification has not been compromised.

There are also a couple of other old passwords which are frankly a bit simple and just happen to be the same as ones leaked from someone else. I'm happy to say none of my very strong unique passwords created by a password generator have been leaked and that's really the way you need to go.

Why Apple and not the other sites? I think Apple's reach is bigger. Considering how many devices it has supplied and every one of them signs into their cloud for something. Find my phone, email, register a product, photos, music. All using their servers for something.

Best

Aug 15, 2021 2:49 PM in response to Achi Newell

Hi, Achi - thanks for taking the time to reply in such detail to the original poster. It's been a couple of weeks since I posted my reply, and I haven't received 'the notice' again in that time...I posted as a warning that the notices - at least some of them - might themselves be attempts to get people to reveal their info, and I still think so. The "urgency" with which some of the responders press you to address it could be a good thing, or it could be - when they then refer you to commercial sites of possibly dubious nature - another sign.

Personally, I DO use Apple's password generator, and have only a couple unused passwords from the distant past.

Again, I'm sure this is a valid issue, but I'm not completely confident about some of the suggested "cures".

Aug 15, 2021 9:40 PM in response to boredumb

You make a very important point and I hadn't picked up on that.

Definitely, sometimes when you get a notification saying a password has been compromised it's a scam.

Same as when you get a pop-up saying your mac is full of malware. There was one someone posted here that looked very much like a scam

Similarly, be careful checking passwords. I think 'Have I been Pawned' is ok but there are sites that are collecting them so you may actually be giving them away when you enter them to be tested.

If your machine is compromised and has a keylogger installed, then changing your password will only give the baddies your new password so you need to occasionally run some anti-malware and Malwarebytes is respectable for the mac. You can run it for free.

So if you are getting notifications make sure they are really from Apple and you can do that by the following:

If you are on the phone then got to Settings>passwords and security alerts can be found there. (settings is the gearwheel if you aren't sure)

If you are on the mac then in Safari, on the 'Safari' tab on the top left address bar go preferences>passwords and you'll find a triangle next to any passwords they are flagging you about. which will give you more info when you click on it.

These Apple ones you can be sure of .

People should really use Keychain and allow it to generate strong, unique passwords.

Or a password manager if you want to use iOS and Android or Mac and Windows or if you want to use another browser other than Safari.

People worry about storing passwords in the cloud like in Keychain or a password manager, but if you have used them to log into something on the net then they are all out there stored in cyberspace anyway.

Where they are stored is less important than how difficult they are to get into and the sort of encryption and security Apple and the likes of Dashlane and 1password put into it is far greater than for the guy selling dogfood online working out of a broom cupboard, your dentist or even your lawyer!

Best wishes and thanks for the nice reply.

"This password has appeared in a data leak" notice on iPhone

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.