A family member had their Apple ID compromised for a couple of hours by completing a 'reset password request' in an email phishing scam. They've since gone to Apple and successfully reset the password. I'm wondering what else to look out for now, or if any other action needs taking? Their Apple ID username was a non Apple email address, so I've advised them to also change the password for their email, and to any other online account that uses that email as the login. Anything else??