Apple ID/iMessage hacked. Messages sent to China. What do I do now?

If you changed your password as posted, you should be okay, although Drew's advice is good. If you want more security, you could use 2 step verification or authentication.

Apple ID -Two-factor authentication

Apple ID - Two Step Verification App Specific Passwords

Apple ID - Two Step Verifications FAQ

Did you read the first message from Apple?

…if you did not sign in & believe someone accessed your account…

… go to appleid.apple.com & change your password.

It is always better to avoid trusting any unsolicited message, however the one from Apple looks like it was legitimate (at least the 'apple id' address is correct).

It looks like your password has been found or guessed, since Apple ID accounts often have credit or bank details attached I'd suggest you go and reset it immediately, also review all your other online accounts - especially if you use the same password anywhere else.

Zalax7 wrote:

I had the exact same thing happen to me today from a very similar source and from the same area code and everything. I received an e-mail saying that I was logged into iMessage from an unfamiliar MacBook, and within seconds my phone was flooded with messages that looked very similar to this. I think that there are some issues with security on the new iOS or possibly the new phone. Are you using the iPhone 7?

Whilst that is one possibility you should consider others, for example do either of you use the same password for any other services?

Many other services get hacked. The stolen passwords, emails & security reset details can be used to compromise other accounts (it's possible it has happened to Apple too however they claim the passwords are stored more securely than Yahoo's & the other large data leaks).

NOTE: There does seem to be a few similar cases cropping up…

hacked

Iphone hacked? Please help

but if you search the history here you find other older examples, it's not just iOS 10 or new iPhone users…

https://discussions.apple.com/search.jspa?q=chinese%20messages%20hack

Giselllle wrote:

THIS JUST HAPPENED to me too ask as well!! SAME exact thing, all these messages sent to china. How did this happen to almost around the same time. Apple has some explaining to do....

Take a look around this site (use the search) - this has happened before, some from many years ago. If it was simply a new Apple security breach more people would be victims - Apple has millions of accounts, many have credit/ debit cards connected - it would be lucrative to hack Apple.

One obvious answer is that you may have reused your password or security details on another site. When the other site(s) gets hacked your details are released in massive lists of usernames, passwords, security questions etc. That s what spammers buy to abuse your accounts.

Everyone here complaining that this is Apple's fault also needs to confirm a few things first…

1. Have you ever reused the same password on ANY other sites?
2. How good was your password?
3. Have you setup 2 factor or 2 step authentication on your Apple ID? - If not your security questions can be exploited to gain access to your account.
4. How secure are your other accounts? They all get linked together via 'password reset' links & other metadata, are you certain one email or account has not been compromised?

Take a look around - Yahoo, LinkedIn, MySpace, Adobe, Sony, Dropbox… many sites have lost user data including passwords tied to (user)names, emails & addresses.

Perhaps you should consider checking if your own email has been found in common data leaks…

https://haveibeenpwned.com

Obviously if you have a strong, complex password, never reuse it & also enable the maximum levels of security on all accounts you should contact Apple but please consider that sometimes your choices can weaken security.

I had the exact same thing happen to me today from a very similar source and from the same area code and everything. I received an e-mail saying that I was logged into iMessage from an unfamiliar MacBook, and within seconds my phone was flooded with messages that looked very similar to this. I think that there are some issues with security on the new iOS or possibly the new phone. Are you using the iPhone 7?

Exactly the same happened to me yesterday morning. Work up and was notified my account had just been signed in on an iMAC. Checked my messages and had the same as you but preceeded by 3 messages with a 1 as a message which I assume was some coded communication regarding the hacked account.

Luckily I went straight onto apple web page and changed security details. Does not appear to be any other changes to the account or purchases in iTunes but following this thread in case I have missed anything.

Apple confirmed my account had been compromised, but will need to check family accounts to ensure no other attack vector.

I received the same message this morning and found seven messages sent to the same country code as yours. Changed my password and requested access to the two-factor authentication (after a 3 day waiting period...)

I GOT HACKED TODAY TOO! 30 MINUTES AGO!

16 text messages were sent from my iMessages to China!

I have changed my password but so scared this will happen again!

Should I go into a Apple store and see what they have to say?

Also my Macbook is running slower now, not sure if the two are linked

Any help is much appreciated!!

nschesh wrote:

I have had this last night also, however they have appeared on my own macbook! Should I be contacting Apple regarding this?? I'm so worried they have accessed all payment details etc

Do you understand how iMessage works? Messages sent from another device on your account will appear on all your devices - that is normal.

Contact Apple if you want, there seems to be very little they can do besides tell you how to secure your account. Contact your banks & credit card companies to get new cards if you have reason to suspect they are compromised.

i urge you to double check your phone bill.

O2 barred my phone from texts and calls as the messages that could not be sent as iMessage were sent as texts and I got charged for them. luckily they have been hnderstanding and are going to credit my account.

i Spoke to apple and their advice was to change my password and check to see if any purchase had been made

Are you sure that you never reused your password with any other service?

Have you enabled 2 factor or 2 step authentication on your Apple account?

Everyone keeps assuming that Apple are the only ones at fault - they might be however many other services have lost usernames, passwords, security reset details. All of these can be used against your Apple account if you ever reuse those on another site.

Consider taking a look to see if any of your email(s) appear in any of the many database dumps…

http://haveibeenpwned.com/

eonrx wrote:

Did Apple say where the hack was coming from ?

What else should we do to protect ourselves?

Frankly I'm tired of repeating myself in this thread, please read some of my earlier posts. Apple have never said 'the hack came from xxx' in any of the other cases. It seems likely that this will be the same & it is highly likely that your own password choices or other accounts are the reason for the 'hack'.

Start by confirming your accounts are not known in the massive leaks…

http://haveibeenpwned.com/

Also add other factors (2 step and/or 2 factor) to your account to reduce the chance of it happening again in the future.

The same thing happened to me today. I also changed my password as fast as I could. Messages where sent in my name containing advertising about game sites.

you may post an etrecheck report from your mac in a NEW THREAD for further analsys

www.etrecehck.com

for your phone do as Eric Root recommends above and enable 2 factor authentication.