apple id hacked, Imac locked, ransom

This may take a while, but can you boot into Internet Recovery - About macOS Recovery - Apple Support - using Command+Opt+R? Is your internal disk encrypted using FileVault2? Do you have any other Operating System other than macOS installed on your Mac?

Being angry will not solve your problem. Your iCloud password is known to someone other than you. See Public Service Announcement: Hacked ID's . Can you log in to your iCloud.com and turn off Lost Mode?

The best solution is (from If you lost or forgot your firmware password - Apple Support)

If you forget your firmware password

If you can't remember the password you set using the Firmware Password Utility or Find My Mac, schedule a service appointment with an Apple Retail Store or Apple Authorized Service Provider. Bring your proof of purchase (original receipt or invoice) with you. If you plan to visit an Apple Retail Store, make a reservation (available only in some countries).

Apple Technical Support may not be able to help you any further.

This has been a horrifyingly informative thread! It appears that Apple policy may be to only accept Proof of Purchase issued by an Apple Authorized reseller. Apple - Support - Help - Proof of Purchase

My only suggestion would be to try escalating until you reach someone who can make an exception. If your iMac appears under 'Devices' when you login to manage your apple ID ( https://appleid.apple.com/#!&page=signin) you could try showing that to the Apple store / service provider as your proof of ownership.

See also Loner T's suggestion.

The proof of employment and the photocopy of the Studio receipt helps you establish the chain of ownership. The iMac has a serial number on it's rear panel - Identify your iMac - Apple Support . The purpose of Find My Mac and associated iCloud offerings is for the actual owner to manage the safety of the Apple device.

The Apple ID password is an individual's responsibility. You can publish your Apple ID password on the public internet and Apple will not stop you from such a decision. On ASC, I always ask users not to post the serial number of their devices so it is kept safe with the legitimate owner.

Your iCloud account was compromised because you did not secure it properly and/or you responded to a phishing attempt, resulting in your devices being locked and held for ransom. Apple will be happy to help if you can provide proof of purchase for the devices. If you can't provide the original proof of purchase, you're out of luck. Learn a lesson in securing your accounts from this.

You have every right to be upset....ironically, this same exact thing happened to me last night as well. Someone in Kalunga, Russia signed in on a PC to my icloud account and locked my iPad, iPhone, and MacBook Pro. I was able to get back into my iPad and iPhone when I woke up and after researching this all day I believe it's because I had a PIN code set up for those devices. The firmware passcode needed to unlock my MacBook Pro is another matter. I have the same exact message telling me to email that address. I did so (without including any information in email body) and the recieve an identical message to the one you received down to the Bitcoin address. Obviously it's the same person who did this to us, and on the same day. It happened during the night for me too (but I'm in the US so different time zones) and the message on my iPhone this morning when I woke up said my account was accessed at 3am. I do have the 2 factor authorization feature set up and it still happened to me! I called Apple support and they had never heard of it either....it blows my mind. I made an appointment at my local Apple Store to have them help me access my MacBook again....luckily I bought my MacBook online and the receipt was emailed to me, or I'd be screwed like a lot of the people I've seen online who threw out their 3 or 4 year old paper receipt and don't have proof of ownership. It's insane though that it's their own "Find My" feature that's causing this problem and they won't acknowledge it. I found articles online discussing how Apple received word earlier this year that some criminals had somehow accessed millions of iCloud usernames and passwords. Apple was asked by these criminals to pay a ransom and Apple didn't. Which they shouldn't have, obvioutlying, but they should have sent an email or some type of notification out to every iCloud account holder telling them of this possible breach and to change their passwords ASAP. I don't regularly check Apple or Mac websites (most people dont) so even if they had put a message on some remote web page of theirs about this issue, I never would have seen it. Maybe, it's not Apple's fault that iCloud accounts were compromised (which is debatable) but they should have done steps to prevent this Ransom hijacking from occurring....and they did NOTHING! I wish I had more of a voice and could tell people about this, but I don't really think there's much I can do about it. I never reply to or comment on this kind of stuff but considering how mad I am and the fact that the exact same thing happened to both of us within the same 24 hour time frame, I felt compelled to respond. Maybe this thread will help protect other people. But don't listen to some other posters; you have every right to be upset. Tomorrow, after my appointment at the Apple Store, I'll post on this thread again if they fix it and it's a fix that I can convey to you easily. Otherwise, good luck!

J, Any luck on this. I go hit Tuesday early am. Apple was no help since it is on a Late 2009 Imac. I have two Iphone7s, an Ipad and Apple TV, yet no help cause my imac is a bit older. Not an issue that stemmed from my imac, yet a hack into Apple IDs that I think Apple should honor regardless.

Any info would be appreciated.

Thanks