Icloud account just got hacked

Your posts have boiled down to pretty much nothing but blaming the users in general, and quite frankly, the advice given by you and several others has been bad from the beginning. I understand your skepticism, it's easier to believe that someone simply typed in their e-mail address and password to download some emoticons, or used a dictionary password, or had a keylogger installed. However, Apple support should've been involved in the first user's problem, but he was told to ignore it because it was spoofed mail (Advice you advocated as 100% correct, I might add, despite the information he gave pointing to a bigger issue). Next time you decide to give advice, I would suggest you advise that a user contact Apple support, rather than hopping on the "Ignore it and change your password, move on" bandwagon.

I'd like to add a little something. So after being hacked twice, once on the 16th, again on the 17th, I haven't had it happen again. Both times I neglected to change my security question, which appeared to have been changed to "what kind of animal is a snake?" I may have put that in myself some time ago, but when I answered reptile, or a reptile, it didn't take, which makes me suspect that it had been changed. So the second time, they could have used that, but then I still hadn't changed it to a new question until just a few minutes ago. They've had a few days to go in and try again, and they haven't. I haven't checked my main computer for viruses like kungfumonkey claims to have found, but I will when I get a chance. I haven't noticed any issues with my other devices not being able to go online when it's online though, and I don't intend to give his post much thought until I see more similar reports.

Also I do have an iPhone.

I am wondering how many of us who have experienced this have iPhones? I have a feeling it's something to do with the iPhone.

You could be right, I wonder if everyone effected by this has an iphone

or an Apple mobile device of some kind.

I woke up this morning to find that neither my phone or my mac could access my icloud e-mail as I had been locked out of icloud. I reset my password (to something a lot longer and hopefulluy more secure) and managed to get access to all my iCloud services, but whilst everything seems fine on my mac, my phone has lots of blank emails that were alledgedly sent on either 01/01/1970 or 01/01/2001. they all say "this message has no content" and has no sender or subject. not only that, but when it comes up on my phone that I have an e-mail, it does not appear in my inbox.

On my mac it all seems to work fine, and I've noticed there are some windows and ubuntu users on here reporting problems too, so I'm inclined to think the problem is with iphones and ipads too.

Hope we hear news soon, I know its not normal for apple to come out and admit theres a problem, but I'd rather they hold their hands up and say they are working on it, rather than get left in the dark whilst users confidential data could be exposed.

Further to the above, I notice the issues are only affecting the unified inbox, not the individul inboxes for the mail services I'm connected to, further indicating an iOs issue in my opinion. was there not a recent update to iOs? could be a bug in that...

The issue you see is not related to this here. its a pretty standard problem iOS mail has had since 2.0 days. Whenever it fails to correctly fetch all data it leaves them blank with dummy data. switching to the distinct services and then to the unified inbox resolves that normally

its still not working, going to reset my phone and see if that helps, but still doesnt explain being locked out of my account and the 2 or 3 spam e-mails sent from my account. fortunately I dont tend to keep e-mail addresses in my contacts as I don't e-mail that many people.

Just wan't to add that I etiher got hacked for the third time or that apple just reset my password again as a countermeasure to another break in attempt.

Fortunately i deleted my contacts list in iCloud after the first go and there are no e-mails in the sendt folder in iCloud so I guess nothing big has really happened but something fishy is going on.

I'm a PC user but I have an iPhone 4 and the iPad 3 - I have no real basis for saying it but i DO have feeling that there either is a vulnerability within the iOS software that somehow reveals the iCloud login info - or that the iCloud service it self is vulnerable to attacks.

I've mentioned it earlier and it could be espcially crafted websites that do this, specific apps (although that seems less likely, in my case, becuase I only have the most common apps from "big" developers like Google, Facebook and some of the more popular games.

Maybe the iOS devices can even be exploited by devices on the same WiFi as them - who knows .. but my feeling is that somewhere out there is an exploit that is being actively used either against our devices or against the icloud service.

Just to recap - my account was first hacked on the 16th, then I had to reset the password again on the 17th and now yet again today.

I contacted an apple rep who gave me his contact details and told me they would monitor any activety closely - so for all I know, the last two password resets could be Apple's countermeasure to some sort of brute force attack against iCloud or whatever.

I will keep on bugging him for as long as this issue continues but as of now he has yet to reply to any of my e-mails, maybe I'll hear something tomorrow because of the weekend but as of now I DO NOT FEEL SAFE with the iCloud service as it is now and personally I have deleted EVERY photo and document and contact that has been backed up there - its probalby been stolen already - but there is no point in keep on using a cloud service that has obvious security issues.

Also, the MO in my account were as described by many others here. mails in my sent folder went to three of my contacts every time until everyone in my contact list was spammed .. this is something I'm NOT very happy about!

Deleting contacts and data from iCloud ASAP is the best advice I can give for now - and lets hope Apple steps up their security game (and information flow for that matter) to better help us understand what has happened, how and what countermeasures are being put into place..

Also, please add a way to see when the last log in time was and from what IP it originated ! that would indeed be helpful!

FYI no problems since the second reset. Make sure you change your security questions as well as your password.

I just got home and checked my LaunchAgents folder. Nothing unusual in there, so I think whatever was happening to kungfumonkey was unrelated and coincidental. The files in mine are:

com.apple.CSConfigDotMacCert-steve@me.com-SharedServices.Agent.plist

com.apple.SafariBookmarksSyncer.plist

com.valvesoftware.steamclean.plist

org.virtualbox.vboxwebsrv.plist

The only one that looked suspicious to me was the CSConfigDotMacCert, but it doesn't look abnormal inside.

FerrisWorld wrote:

The only one that looked suspicious to me was the CSConfigDotMacCert, but it doesn't look abnormal inside.

There are few older threads about it here, but nothing definitive. Seems to be associated with MobileMe Sync functions and perhaps iCloud. You might search your system.log for any errors associated with it as it's possible you don't need it any more.

I have something similar associated with iChat for some reason. It apparently controls the CSConfigDotMacCert process deep inside of /System/Library/Frameworks/CoreServices.framework/

I got hacked too. Spam in Sent folder, three contacts per email. Random password. No change in Security questions or alternate emails, though, so it makes me doubtful that anyone had my password. Otherwise, why not make it harder for me to change my password?

Wanted to start using iCloud, but with this whole discussion, I'm worried. Would I be able to use it without turning on the email feature? TIA

acutl wrote:

Wanted to start using iCloud, but with this whole discussion, I'm worried. Would I be able to use it without turning on the email feature?

I know of no way to do that. When you go through the process it simply asks you to agree to the licensing agreement and press the move button. There's no opportunity to pick and chose what you want moved.

I just want to point out that although there appear to be quite a few users here who have experienced this problem, it is a tiny fraction of the total iCloud users so you chances of it happening to you are miniscule.

Also, even though loss of privacy information is always a serious issue, the consequences experienced here appear to be simply a nusance. Thousands of computer users suffer from having their e-mail accounts used for spam every day without losing either their identity or any money. It's discomforting and a PITA to fix, but I don't think it's worth giving up a capability you feel you need on the off-chance of it happening to you.

acutl wrote:

Wanted to start using iCloud, but with this whole discussion, I'm worried. Would I be able to use it without turning on the email feature? TIA

There is no reason to be worried. A handful of people fell for a phishing scam or something. No news there.

You could always keep your contacts out of iCloud. That would prevent the "iCloud hackers" from getting them. But really, if you are going down that logic path, the only safe course of action is to disconnect the internet. Until you do that, you are technically always at some risk.