Previous 1 12 13 14 15 16 Next 454 Replies Latest reply: Aug 10, 2014 10:07 AM by thomas_r. Go to original post Branched to a new discussion.
  • Tigerlily75 Level 1 Level 1 (0 points)

    Not for a long long time, but my iCloud password was once an Optus password. It was a random one Optus gave me many years ago that I found easy to remember. But for the oast few years it was the Apple ID password only and not used for anything else.

  • Andrew J Level 3 Level 3 (790 points)

    abhibeckert wrote:

     

    Andrew J wrote:

     

    It looks highly likely this is an email harvesting scam. Someone has hacked into an unsecured server, somewhere in Australia, copied email and password details, and just tried logging in to their iCloud service, and gotten lucky.

     

    My advice to anyone who uses the same email and password as their Apple ID, on other sites, don't. If you do, then change it now.

     

    Until the server in question is identified, then don't use identical email addresses and passwords on any services

     

    It doesn't look like it.

     

    A friend of mine was hacked and she is tech savvy enough not to fall for a scam and would remember if she had clicked any official emails. Also she claims to have had a very strong and unique password.

     

    Our best guess is either she had a keylogger (but we searched and could not find a keylogger, unless it's very well hidden) or else there might have been some hack internally at Apple.

     

    I'm thinking the latter is the case, perhaps there is a vulnerability where if you know the serial number of the device or something you can trigger Find my iPhone without knowing the iCloud username/password. This would explain why all of the phones are in the same region/country.

    It wouldn't be Apple servers, as they aren't localised, and highly secure. This points to a hacker who has gained access to an Austrailan server, which is why only Australian users are affected. The hacker has gained access to the iCloud accounts of some users and logged in, shut down their devices and sent a message of demand. The point is, Apple servers are so secure, that a punk asking for $100, is neither likely or smart enough to hack into them. This is a local server that has gained access, and only people who may use the same email and password to log in, as their Apple ID.

  • nkwillos Level 1 Level 1 (0 points)

    Definitely using the same password across a few different things.

     

    On the phone to Apple in the UK now.  They are checking with Senior Advisors but are pretty sure the restore is the only way forward.  That's ok for my iPad backed up to the cloud, but not for my daughters iPod.

     

    Will let you know how I go.

  • Tigerlily75 Level 1 Level 1 (0 points)

    Oh wait ----- the password was the same as eBay!! I didn't even click as I hardly ever use eBay, (but it was one I changed last night!).

  • Andrew J Level 3 Level 3 (790 points)

    Tigerlily75 wrote:

     

    Oh wait ----- the password was the same as eBay!! I didn't even click as I hardly ever use eBay, (but it was one I changed last night!).

    Ok, that makes sense. Ebay was hacked into just last week. This is the source. If you haven't already, change your Apple ID and add secondary security precautions.

  • kkneufeld Level 1 Level 1 (0 points)

    Andrew J wrote:

     

    Tigerlily75 wrote:

     

    Oh wait ----- the password was the same as eBay!! I didn't even click as I hardly ever use eBay, (but it was one I changed last night!).

    Ok, that makes sense. Ebay was hacked into just last week. This is the source. If you haven't already, change your Apple ID and add secondary security precautions.

    Doesn't make sense. There were global breaches to eBay. The Apple thing is localised to Australia and New Zealand. Also people have said they don't have eBay and were still affected today.

  • Andrew J Level 3 Level 3 (790 points)

    kkneufeld wrote:

     

    Andrew J wrote:

     

    Tigerlily75 wrote:

     

    Oh wait ----- the password was the same as eBay!! I didn't even click as I hardly ever use eBay, (but it was one I changed last night!).

    Ok, that makes sense. Ebay was hacked into just last week. This is the source. If you haven't already, change your Apple ID and add secondary security precautions.

    Doesn't make sense. There were global breaches to eBay. The Apple thing is localised to Australia and New Zealand. Also people have said they don't have eBay and were still affected today.

    eBay have localised servers. There was no detail on which eBay servers were hacked last week, but it was clear, user details were hacked in to. This is more plausible than some pimple faced punk somehow cracking Apple server encoding. More likely the hacker thought trying his scam outside the US was a safer bet.

  • Andrew J Level 3 Level 3 (790 points)

    kkneufeld wrote:

     

    Andrew J wrote:

     

    Tigerlily75 wrote:

     

    Oh wait ----- the password was the same as eBay!! I didn't even click as I hardly ever use eBay, (but it was one I changed last night!).

    Ok, that makes sense. Ebay was hacked into just last week. This is the source. If you haven't already, change your Apple ID and add secondary security precautions.

    Doesn't make sense. There were global breaches to eBay. The Apple thing is localised to Australia and New Zealand. Also people have said they don't have eBay and were still affected today.

    Apple servers communicate with Apple devices using encrypted data. The same goes for iTunes and the AppStore. It's highly unlikely someone after a few hundred bucks would be able to hack into Apple services. If he did, he wouldn't be harassing users for $100. They'd go after Apple for a few hundred million. This is a clear hijacking of email and passwords, gained from a third party server. eBay may just be ground zero, but I'm happy for you to prove me wrong.

  • Andrew J Level 3 Level 3 (790 points)

    kkneufeld wrote:

     

     

    Doesn't make sense. There were global breaches to eBay. The Apple thing is localised to Australia and New Zealand. Also people have said they don't have eBay and were still affected today.

    I haven't read where people who have been hacked, haven't used the same email and passwords on eBay. Many family members use the same Apple ID btw. Could be a family member has used it elsewhere too.

  • Prince Harming Level 1 Level 1 (0 points)

    This explains why my iPad froze when I tried to open from the passcode screen. I ended up just turning it off and restarting using a hard reset.

    Got my email tone when it logged back on to my network but there was no mail. hasn't missed a beat since.

     

    My daughter has my old i4 at the moment as I upgraded to an S4 but hasn't mentioned any problems.

     

    Quite frankly, hackers are gutless little ***** who need to hide behind anonimity. They may think its "fun" to jerk common everyday people around but its no where near as much fun as what I'll have when I find one of them.

  • abhibeckert Level 1 Level 1 (0 points)

    Andrew J wrote:

     

    You misunderstand what I meant. A hacker has obviously hacked into a server that contains user emails and passwords. If these people use the same email and password for their iCloud account, this is where the hacker has gained access. I never mention phishing scams at all. Lets try and be specific here so we can get to the root of the problem. Thanks.

    I was replying to two people but only quoted yours. I do understand your point and am a programmer specialising in security.

     

    My friend claims to have never used the password anywhere else, and I believe her.

     

    I do not think this has anything to do with eBay or any other compromised database.

  • Werewabbit Level 1 Level 1 (0 points)

    I live in the UK and this has also happened to me yesterday.  Very worrying. And not a peep from Apple yet. I have managed to change all my account details and passwords, but just feels worrying.

  • Andrew J Level 3 Level 3 (790 points)

    abhibeckert wrote:

     

    Andrew J wrote:

     

    You misunderstand what I meant. A hacker has obviously hacked into a server that contains user emails and passwords. If these people use the same email and password for their iCloud account, this is where the hacker has gained access. I never mention phishing scams at all. Lets try and be specific here so we can get to the root of the problem. Thanks.

    I was replying to two people but only quoted yours. I do understand your point.

     

    My friend claims to have never used the password anywhere else.

    Seeing as data between Apple servers and devices are encrypted, it's far more likely your friend has either used the same email and password elsewhere, or has shared their Apple ID with a family member who may have. Apple servers are highly protected with many levels of security encryption. A punk kid asking for $100 from hacked users, wouldn't have the brain power to hack Apples severs. Think about it.

  • analogue cheese Level 1 Level 1 (5 points)

    Hi - to clarify,  the email and password we had hacked are used elsewhere (my other half can think of, for eg, Etsy) - but definitely not ebay - no ebay account.

     

    cheers.

  • Andrew J Level 3 Level 3 (790 points)

    Werewabbit wrote:

     

    I live in the UK and this has also happened to me yesterday.  Very worrying. And not a peep from Apple yet. I have managed to change all my account details and passwords, but just feels worrying.

    Do you use the email and password you use for your previous Apple ID on other services? If so, could you list the services you have used them on, so we can pinpoint the source. Thanks

Previous 1 12 13 14 15 16 Next