Stolen IPHONE - iCloud Account Compromised and Locked by Thief

There are quite a few that’s right off the top of my head:

1. Security questions as someone aforementioned.
2. Automated camera feed verification. 2D with ID or leverage Apples Face ID technology and hardware that’s already available.
3. Some human review of login patterns and escalation path. Apple sells their devices for thousands of dollars and only small percentage of users would have to go through this horrible situation, so don’t tell me this is not economical for Apple. Sounds like Apple decided to cut cost on this front because it’s not something that will hurt their PR. Well, if enough users go to social media exposing this severely flawed system maybe they’ll finally invest <1% of their revenue on a better system.

Everyone that’s in the same difficult situation should send feedback to Apple via Product Feedback - Apple. Apple, while touting its high level of security has came up with the most flawed account recovery system, with no human review nor intervention available if your Apple ID is hijacked. Imagine how ridiculous it would be if someone would be able to lock you out of your house bum simply stealing your SSN, who’s is what it feels like when your Apple ID is compromised.

S2000_Racing wrote:

Everyone that’s in the same difficult situation should send feedback to Apple via Product Feedback - Apple. Apple, while touting its high level of security has came up with the most flawed account recovery system, with no human review nor intervention available if your Apple ID is hijacked...

Do also consider proposing a better account-recovery system than what is available (and with or without security keys or recovery keys), and particular a system that works at the scale of billions, across myriad countries and regions and languages, and a system that can be equitably and economically implemented, and that is reasonably resistant to social engineering.

The EXACT same thing happened to me in Brooklyn on Aug 26. I can’t express how identical of a situation we both unfortunately experienced. iPhone stolen. I try to log into iCloud and it says I am locked out if my account. I contact my bank from a different phone and they tell me there have been multiple transactions made that were thankfully flagged as suspicious (although the thief did get away with a lot). My email address passwords had been changed, so I couldn’t access any of the verification codes being sent to verify my identify. I went to Apple to see if they can help me get in, but they tell me about a 28 digit code that I need to get in (but that I don’t recall having ever set up) and that without it, there is nothing anyone can do. I even asked them if this happened to Tim Cook could you get him in, and they said no. Seems like a flawed system that should require the old school security questions (example: name of first pet) as the ‘final security panel’ to allow you to bypass these codes in the event that you are locked out of all digital accounts and left without your own device. I could keep going on w details, but the fact that such an esteemed Tech company as Apple has failed to provide adequate security for victims of situations such as these is embarrassing. They should have the resources and foresight to prevent situations like these from going unsolved. Personalized security questions could be the difference between being locked out of my iCloud account forever and not. I had a lot of important info in that account (creative, legal, personal, etc) that I will never see again due to Apple flawed security system.

It should be an easy fix.

I’m in the exact same situation. I was robbed, the perpetrators took my phone and wallet, forced me to give up my passcode, and proceeded to change my Apple ID password and all my email passwords. I was able to regain my phone # via replacement SIM, and then regain my email accounts, but still am having trouble regaining my Apple ID, since the robbers would continuously log on to my Apple ID during the waiting period. There should be a better way for Apple to verify one’s identity and recover account for its users, this is a really flawed system. I don’t understand why my having trusted email and phone # doesn’t allow me to recover my account, I even went in to Apple Store and see if they could verify me with my ID, no dice.

I desperately need help, if anyone has any tips I would very much appreciate it.

With iOS 17.3, Apple has added a mechanism that can be explicitly enabled:

… Use Stolen Device Protection on iPhone - Apple Support

This is an additional protection, should the passcode of a stolen device be known.

mypostneedsattentionNOW Said:

"Stolen IPHONE - iCloud Account Compromised and Locked by Thief: [...]I'm writing this message because I need this to be brought to Apple's attention immediately. This is a cry for help - as my personal information and security is at risk.[...]"

-------

Troubleshooting a Compromized Account:

Do Two Things:

A. Verify this Device:

Verify that you the device is logged in to your account, by using this link: Check your Apple ID Device List to See where you're Signed in - Apple Support

B. Consider Modifying your Credentials:

Having been stollen, someone lily has your credentials. So, by all means, modifying them.

• Modify: your login credentials (Using Both a New eMail and a New Password for each and all sites)
• Associate: a different method of payment to your account
• Enable: Two-Factor Authentication for Apple ID and for all other accounts that have such an applicable option

Unfortunately anyone with access to your iCloud accounts username, password and a 2FA method will be able to login as yourself and access your iMessages directed towards your mobile number.

I would highly recommend contacting an Apple Support Specialist to see what their options are: Contact - How to Contact Us - Apple (AU)

According to the below document Apple has a procedure regarding the theft in of Apple ID accounts. Since you cannot reset your password this section will be most relevant to yourself:

If you think your Apple ID has been compromised – Apple Support (AU)

If you can't reset your Apple ID password or sign in

If you can't reset your Apple ID password or sign in to appleid.apple.com, go to iforgot.apple.com to start the account recovery process and regain access after an account recovery waiting period.

Find out more about account recovery

After you start account recovery

After you've requested an account recovery, you'll receive an email with a confirmation of your request and the date and time of when you can expect to regain access. This email will arrive within 72 hours.

• If you submitted your account recovery request with iforgot.apple.com through your device's browser, you should avoid using that device during this period. Using that device might cancel account recovery. 
• To avoid delays, turn off other devices that are signed in with your Apple ID until account recovery has been completed. 

When the wait period is over, Apple will send you a text or automated phone call with instructions to regain access to your account. Follow the instructions to immediately regain access to your Apple ID.

In some cases, you might be able to speed up the account recovery process or reset your password immediately by verifying a six-digit code sent to your primary email address. You might also be able to shorten the wait time by providing credit-card details to confirm your identity. If you’re given this option, an authorisation request goes to the card issuer.

Check the status of your request

At any time, you can see how long it will be until your account is ready for recovery, or when more information will be available. Just go to iforgot.apple.com and enter your Apple ID.

Based in the posting, your i{hone and Apple ID security was completely compromised.

Your options here are limited.

Here is how to: Contact Apple for help with Apple ID account security - Apple Support

mypostneedsattentionNOW wrote:

Thanks for answering. Yes, my point is here that my options are limited and there's a serious privacy concern with this issue.

Again, compromise of a device passcode and compromise of an Apple ID is catastrophic for the associated data, including all your passwords, passcodes, mail, messages, contacts, app tokens, social media, saved messages, files, health data, wallet contents, and the rest of the contents of the device and of the Apple ID.

And the thieves can use some of that same data to try to phish some of your contacts.

Again: Contact Apple for help with Apple ID account security - Apple Support

Try to regain control of the Apple ID.

tking664 wrote:

…It should be an easy fix.

Losing both your iPhone and your passcode together is catastrophic, and is not an easy fix.

Use of Face ID and Touch ID do reduce the chances of exposing a passcode.

Using longer and more complex passcodes makes obtaining the passcode somewhat tougher.

(But not tougher against increasingly ubiquitous video recording.)

(Longer? I’m using Face ID and an alphanumeric password out past 12 characters. Tougher to capture.)

Another option includes enabling and using security keys, but many folks won’t want that hassle.

tking664 wrote:

Expert thieves have ways to bypass an iPhone passcode, and once they do that, they can access your email accounts and change all your account info. In the event that happens, and the rightful iCloud account holder is locked out of his/her own email accounts (of which the passwords have already been changed by said thief) and doesn’t have a device to do 2FA, then how are we supposed to login to iCloud?

Once they gained control of my iCloud, they created the 28 digit recovery key which further prevents me from ever accessing my account. This is a flawed system. As an alternative to this 28 digit recovery key, there should be a series of personalized questions asked to the rightful account holder (which should be established as soon as an iCloud acct is first created) in the event that the recovery key is not found. This is my idea of an easy fix for Apple security to prevent their clients from being permanently locked out of their accounts

Expert thieves and adolescent kids in many home kitchens have been “shoulder surfing” passcodes for a while, yes.

Pending some change in iOS and iPadOS, the approach generally suggested is to use Face ID or Touch ID and to avoid entering the passcode where it can be observed. This same suggestion holds for entering a passcode at ATMs, and other such.

If you have suggestions for the recovery key—I’d think that prompting for the Apple ID password when the recovery key is to be created might be more appropriate than adding everybody-forgets-those recovery questions—send those to Apple:

Product Feedback - Apple

PS: The whole point of the recovery key mechanism is to not provide what you are seeking here, too. The recovery key intentionally blocks the ability of Apple to reset your Apple ID password, and to reset the recovery key itself.

First off, your phone is already “locked” by your passcode.

Even a “remote erase” - while it might lessen one’s apprehensions - will not make it any “more locked” or “more secure” than it is already.

Next, see and do this:

If your iPhone or iPad is lost or stolen - Apple Support

Third: EXPECT messages from the criminals - often claiming to be Apple - attempting to spear-phish you for your Apple credentials.

These sorts of messages are NEVER from Apple.

Do NOT respond, do NOT click on any links, and NEVER provide your credentisls.

Lastly: Do NOT remove your device from your AppleID. (doing so virtually “gives” a fully-functional - albeit completely erased - phone to the criminals)