apple id hacked, Imac locked, ransom

You have every right to be upset....ironically, this same exact thing happened to me last night as well. Someone in Kalunga, Russia signed in on a PC to my icloud account and locked my iPad, iPhone, and MacBook Pro. I was able to get back into my iPad and iPhone when I woke up and after researching this all day I believe it's because I had a PIN code set up for those devices. The firmware passcode needed to unlock my MacBook Pro is another matter. I have the same exact message telling me to email that address. I did so (without including any information in email body) and the recieve an identical message to the one you received down to the Bitcoin address. Obviously it's the same person who did this to us, and on the same day. It happened during the night for me too (but I'm in the US so different time zones) and the message on my iPhone this morning when I woke up said my account was accessed at 3am. I do have the 2 factor authorization feature set up and it still happened to me! I called Apple support and they had never heard of it either....it blows my mind. I made an appointment at my local Apple Store to have them help me access my MacBook again....luckily I bought my MacBook online and the receipt was emailed to me, or I'd be screwed like a lot of the people I've seen online who threw out their 3 or 4 year old paper receipt and don't have proof of ownership. It's insane though that it's their own "Find My" feature that's causing this problem and they won't acknowledge it. I found articles online discussing how Apple received word earlier this year that some criminals had somehow accessed millions of iCloud usernames and passwords. Apple was asked by these criminals to pay a ransom and Apple didn't. Which they shouldn't have, obvioutlying, but they should have sent an email or some type of notification out to every iCloud account holder telling them of this possible breach and to change their passwords ASAP. I don't regularly check Apple or Mac websites (most people dont) so even if they had put a message on some remote web page of theirs about this issue, I never would have seen it. Maybe, it's not Apple's fault that iCloud accounts were compromised (which is debatable) but they should have done steps to prevent this Ransom hijacking from occurring....and they did NOTHING! I wish I had more of a voice and could tell people about this, but I don't really think there's much I can do about it. I never reply to or comment on this kind of stuff but considering how mad I am and the fact that the exact same thing happened to both of us within the same 24 hour time frame, I felt compelled to respond. Maybe this thread will help protect other people. But don't listen to some other posters; you have every right to be upset. Tomorrow, after my appointment at the Apple Store, I'll post on this thread again if they fix it and it's a fix that I can convey to you easily. Otherwise, good luck!

J, Any luck on this. I go hit Tuesday early am. Apple was no help since it is on a Late 2009 Imac. I have two Iphone7s, an Ipad and Apple TV, yet no help cause my imac is a bit older. Not an issue that stemmed from my imac, yet a hack into Apple IDs that I think Apple should honor regardless.

Any info would be appreciated.

Thanks

My phone was locked two days ago but was able to locate and change password so no issues there. My MacBook was blocked though, and I ended up calling Apple. As others have said, the Rep said this was his first call for this issue. We confirmed that since it had a firmware password set, it has to be brought into an Apple Store or Apple authorized service provider, with proof of ownership. And these stores want a $70 diagnostic fee to fix it. They claim there are no other options, and that without a receipt we could be sitting on a $1K+ brick. Of course, I refuse to accept this and will be doing an Internet deep dive tonight to find another solution. We know our usernames/passwords were compromised, we just can't prove they were compromised on Apple servers so they won't help in that regard. So from their perspective, the anti-theft features are doing what they're supposed to be doing...fair enough. Had we set our own firmware passwords AND had two-factor authentication enabled, we would have an easier workaround.

JelenaI wrote:

No, so far nothing, I am still trying to find / get that receipt. But since in my country there is no official apple store (only authorized resellers and dealers) Im not sure that even with a receipt I will solve this.

If you have a receipt, or even the original iMac packaging should help an Apple Reseller/Dealer to help you.

This is exactly what happened to me Friday night/Saturday morning. I did have 2 factor authentication on iPhone and iPad and was able to reset my password. However, my used 2010 MacBook went through the same process yours did. The reset originated in Kulunga, however I never saw an email to respond to....my MacBook just rebooted and locked after connection to wifi. I purchased this from Amazon and was very happy after upgrades I performed myself. When I booked a Genius Bar appointment I was assured on the phone that my receipt from Amazon should suffice but I was turned away at the Apple store. Had I known, that there were so many others I would have been much more angry.

omegarazor wrote:

When I booked a Genius Bar appointment I was assured on the phone that my receipt from Amazon should suffice but I was turned away at the Apple store.

This is not the way to treat a customer. Did you ask to speak to the Store Manager and show them the Amazon receipt? You should also call Apple Care.

If the Design Studio can provide a photocopy of the receipt for your specific iMac with the serial number, it will be very useful to establish the ownership chain, along with your proof of employment at the Studio.

JelenaI wrote:

That is the problem even if i find it It might not be enough, and I might have to pay for that etc...

What about common sense? Every time you login from another device, or sometimes from another country you get an email from apple.. (apple can check and they saw that that login was from windows ) Few seconds ago when i logged in to my icloud i had to type password,also answer two security questions before i actually got to my icloud...

How did they pass that? i never left any info anywhere, i dont use suspicious websites or software, how did they got my password and were able to put device in lost mode???...and since they left their email requesting bitcoins, how is that not enough for apple to help me?

None of this will help you in your current situation. I understand you are frustrated. The mechanics of the Lost Mode are very well documented in the first link on page 1 of this discussion.

JelenaI wrote:

How many people in this world keep receipts after 5 years? or boxes?

I do. 😉. I have all the packaging, receipts, original box and the shipping carton for the original 2006 Mini I bought. But, again, this is not helping you.

I suggest talking to the Design Studio and establishing a chain of ownership, and then approaching Apple Reseller or an Apple Store to get your Mac back, otherwise your frustration level will just go up and your anger will cloud (pun intended) your judgement even further.

I'm pretty sure Apple doesn't care about my mid-2010 MacBook, only their culpability and rigid adherence to arbitrary constraints. In any case, I visited a 3rd party Mac repair shop and the technical expert had it sorted out in less than 5 minutes. I was gob-smacked. I don't know exactly how he did it but he was successful and I absconded with my laptop in absolute shock.

Your are really the 👿.

I can understand OP being frustrated.