What can thieves do with a passcode protected iPhone?

Question

Level 1

4 points

What can thieves do with a passcode protected iPhone?

Good evening, everyone.

My iPhone 13Pro Max (running iOS 17.5.1) was recently stolen, as soon as it was taken, the thief instantly placed it on Airplane mode, which blocks out any remote command that I do via FindMy on iCloud be left on "pending" (not fully executed).

The iPhone is passcode protected with a 6 digit pin. It also has FindMy activated on it which places an activation lock on it, should someone attempt to "restore" it via a computer.

I have:

Reported it to the officials as a missing device (using the IMEI)
Reported it to my phone carrier as missing (shut off my sim card and provided my IMEI too)
Placed an activation for "Lost Mode" command on FindMy online (pending status)

Since it has FindMy activated and is running the latest version of iOS (at this moment), I am receiving some updates of its location whenever it comes in contact with other devices on the FindMy network.

Since the phone was stolen, the thieves have:

Contacted me pretending to be Apple Support, notifying that they have located my device and "need my passcode" to verify that it is me (Uhh.. just email me the location?)
Contacted me asking for my Apple ID log-in details to "view the location".

--> Which, of course, none that I fell for.

After they knew that I was on to them, they have since made threats that they now have access to my photos (which is basically just a bunch of pictures with friends, food pictures, and pictures of notes I take from my classes).

--> If they already have access to my photos (meaning my data), why still bother me for the code/apple-id?

So, this leaves me with the question for this discussion post:

What can thieves actually do to your iPhone when it is protected by a passcode?

Can they:

Bypass the passcode using a computer software to access my data?
Unlock the iPhone and connect it to the Internet without Apple notifying me?
Access my data through a computer without getting the passcode? (i.e., images, etc).

How protected is the owner's data, actually, behind the protection of a passcode, on an iOS device running 17.5.1? What can thieves do to a passcode protected iPhone?

I'd like to know what my possible/potential exposures are with regards to breach of my personal data left on my device. Since I have my banking details there and account passwords on that iDevice.

Thank you for your time reading through this post, I look forward to hearing some of your responses!

iPhone 13 Pro Max

Posted on Jun 25, 2024 4:54 PM

Reply

Answer 1

Best reply

Bob Timmons

Community+ 2024

Level 10

162,362 points

Jun 25, 2024 5:42 PM in response to Luca-Muller

Can they:

Bypass the passcode using a computer software to access my data?

No, but they can try to guess your passcode. They only have 10 or less tries though, before the phone locks out and no more codes can even be entered.

Unlock the iPhone and connect it to the Internet without Apple notifying me?

No, for the same reason above. They will never get past the passcode.

Access my data through a computer without getting the passcode? (i.e., images, etc).

No, same reason. You are really asking the same question 3 times.

What can thieves do to a passcode protected iPhone?

Nothing, once the incorrect passcode attempts have occurred, the thieves would then need your Apple ID and Apple ID Password to bypass activation lock to get at the data on your phone.

I'd like to know what my possible/potential exposures are with regards to breach of my personal data left on my device. Since I have my banking details there and account passwords on that iDevice.

Same answer.

If you are still worried about the data on the phone, you can erase the phone remotely using Find My......if.....the phone can be located.

After all, the phone is gone. You will never see it again, but don't be surprised in a week or two if you see that the phone is located in China. Thousands of phones arrive each day at a huge remanufacturing plant there.

Reply

Answer 2

Jun 25, 2024 5:22 PM in response to Luca-Muller

would it be safe to assume that they indeed haven't guessed my passcode yet, right?

No way that anyone could ever guess your correct passcode in less than 10 tries.

For upwards of a million dollars, there is software that claims to be able to get into a phone. If you are a billionaire, a high government official, a spy, etc., you might be a target if your phone is stolen. But, even the FBI admits that they have a really hard time trying to get into an iPhone.

Reply

Answer 3

Jun 25, 2024 5:27 PM in response to Luca-Muller

Restated:

The “practical” answer is that loss or theft of a secure-passcode protected iPhone (known only to you and not easily guessed) is only an expensive nuisance.

e.g. You have procure a new phone, contact your carrier, restore from your most recent backup, setup FaceID, re-verify credit cards in Wallet, … etc.

It is NOT a risk of data compromise.

Because of this “hardness,” thieves have taken to phishing schemes - of varying sophistication - to obtain credentials from the owner via SMS, as it’s the only practical way to “crack” the phone’s defenses.

This risk too is declining as eSIMs replace nanoSIMs.

Reply

Answer 4

Jun 25, 2024 6:07 PM in response to Luca-Muller

A1: As soon as the phone is stolen, the nanoSIM is removed and placed in another device to determine it’s phone number.

This has to be done before you contact your carrier who cancels the SIM.

Then, they “have your number” and can contact you once you have your new device.

This risk can be mitigated w/ a SIM PIN, but it’s usage is a little clumsy and doesn’t scale well for the “masses.”

eSIM closes-off this attack vector.

A2. As long as the device remains on your AppleID — while it can be reset/erased — it CAN’T be activated again w/o your AppleID password (why it too is a phishing target).

This state is commonly referred-to as: “Activation Locked” and the device is essentially a shiny paperweight.

A3: It will either be sold online to an unsuspecting purchaser who thinks he’s getting a good deal, or shipped to a “chop shop” in China for parts.

Reply

Answer 5

Luca-Muller Author

Level 1

4 points

Jun 25, 2024 5:41 PM in response to Luca-Muller

Hey Bob and Chanttanoogan,

Thank you for your responses. It has given me more assurance on the security of my data with regards to this theft incident.

Since I assume this thread of discussion will pop-up next time someone (unfortunately) falls prey to another theft incident, I'm raising a few more questions which also came to my mind throughout this whole process.

Phishing scam -- How were the thieves able to identify which number to contact, when Lost Mode was never fully activated (left on pending)?
If indeed they are unable to access my data, would they be able to somehow wipe the phone and "reset" it so that they can sell it "refurbished" on the market? (Sorry Bob if this is repetitive again, but this time it relates to not accessing the data but rather just doing a full format of the device).
What then is the most likely scenario of what the thief will do to the phone given that they are unable to bypass the security features of the iPhone?

Reply

Answer 6

Luca-Muller Author

Level 1

4 points

Jun 25, 2024 5:13 PM in response to Bob Timmons

Hey Bob!

Thanks for taking the time to read my post, despite some of the questions being repetitive, I thank you for your patience.

Since they have made attempts to contact me to obtain the passcode/apple-id details, would it be safe to assume that they indeed haven't guessed my passcode yet, right?

Additionally, my concern of data breach stems from the available articles (and videos) online saying that software indeed does exist that can breach an iPhone and bypass the passcode security. However, I remain skeptical about this since Apple manufactures highly encrypted and secure devices, alongside groups of "white hat hackers" to ensure the security of the device.

Reply