find my iphone turned on by someone else

marjoriefromhere wrote:

I think we're talking at cross-purposes here. Yes, I originally made it possible for the find my iphone feature to be used on my phone, by enabling it some time ago. However, I did not do anything with it recently. It appears that what happened last night was that someone was able to do this (from If your iPhone, iPad, or iPod touch is lost or stolen - Apple Support):

1. Sign in to icloud.com/find on a Mac or PC, or use the Find My iPhone app on another iPhone, iPad, or iPod touch.
2. Find your device. Open Find My iPhone, and select a device to view its location on a map. If the device is nearby, you can have it play a sound to help you or someone nearby find it.
3. Turn on Lost Mode. Using Lost Mode, you can remotely lock your device with a passcode, display a custom message with your phone number on your missing device's Lock screen, and keep track of your device's location. If you added credit or debit cards to Apple Pay, the ability to make payments using Apple Pay on the device is suspended when you put your device in Lost Mode.

And that someone definitely wasn't me.

1. FMiP must be ON (only can be turned ON directly with the device).

2. Only if iPhone FMiP is already ON.

3. See above.

It means that someone hacked your iCloud account and put the phone in lost mode. Change your password IMMEDIATELY, and consider adding 2 factor authentication. See: If you think your Apple ID has been compromised - Apple Support

And have a conversation with anyone you share your iCloud account with (which should be no one), or who might know your iCloud password.

Someone attempted to hack your iCloud account and apparently failed. You should add 2 factor authentication to the account. And it might be a good idea to change your Apple ID. See: Apple ID: Changing your Apple ID. To reduce the probability of this happening again create a new email account (gmail, for example) and use it for your Apple ID. And don't use it for anything else; don't tell anyone about it. Make it something that isn't easily associated with you.

I guess there's a chance I've developed an odd form of sleepwalking, but I'm considering that low-probability for now.

Not that low it seems, as there is no other way to turn it on you must look at all the possibilities.

FMiP cannot be activated remotely. It can only be turn ON & OFF on the device itself.

FMiP is a security feature against theft. Once it is ON, you can use any computer browser/apple device to track it.

I had exactly the same problem. This morning my ipad was locked because "find my iphone" was activated. I had no problem to unlock the device but I don't understand why the FMiP was activated in the first place.

Something similar happened to me the other day. My iphone alarm to wake me up didn't go off so I checked my iphone and the first display on the screen was that it was put into lost mode. The message said to contact an email, which was made to look like an Apple email but it wasn't, it ended with @post.com. I cancelled that and entered my iphone PIN and then a notification screen appeared requesting access to my Apple ID/icloud account for use in Russia (not where i was). I clicked don't allow and was prompted to change my password, which I did. I use two factor authentication for account security, which sent me a code via text message to allow the password change. I also had 2 emails from FMiP saying my iphone was put into lost mode and then it was found, both sent at the same time stamp after i was sleeping. I had 1 email saying my Apple ID was used to sign into icloud via a web browser, same time stamp as the 2 FMiP emails.

I contacted Apple today to verify account security and they said my account was not breached and was secure. I'm calling BS on that as my iphone was put into lost mode and email was sent saying my icloud was accessed after i was sleeping. My question is how since I had 2 factor authentication enabled?

You did NOT receive 2 emails from FMiP; it never sends emails. So those were phishing attempts also. And Apple never sends emails saying to sign into iCloud, so those were likewise scams. And probably the notice that it was put into lost mode was a scam also.

About the only legitimate message you received was that someone tried to log into your account from Russia. And you handled that correctly by denying it.

So what happened is someone in Russia figured out your password and entered it. That triggered the 2FA notification; when you clicked Deny, Apple's system figured out that your password had been hacked, and prompted you to change it. All of the emails were fakes. The fact that your password was hacked allowed the hacker to put it in Lost mode. But that's all they could do without your cooperation. Once you entered your screen passcode that took it out of Lost mode.

The only remaining question is how the hacker figured out your iCloud password. do you use the same password for multiple sites? Recall that Equifax was hacked, and every Yahoo email address (3 billion) and passcode was stolen. Plus several others. So if you reused any of your passwords for your iCloud account that's how they got it.

Wow, your story creeped me out as the exact same thing happened to me, only my windows account was involved as well. Woke up to a message on my phone saying my windows account had been comprimised and I should change my password asap, then found my ipad in lost mode. When checking where this activity came from, either my apple or windows id put the place of the attempted breach somewhere in Russia (miles away).

Changed both passwords, 2 factor id is on, anything else you guys would reccomend?

Timber777 wrote:

Changed both passwords, 2 factor id is on, anything else you guys would reccomend?

Yes. Never reuse passwords. Every password for every account, website, app or service should be unique. That way if one of your providers is hacked it won't allow the hacker to access any other of your accounts.

I realize that creates issues of tracking them, but there are many good password managers that make it much easier. I use SplashID Safe, but there are many other good ones. What I've taken to is using my password manager to generate long (16 characters), completely random passwords that even I don't know (or need to know).