Hey, might wanna redact this post if you are still a current employee. Or remove certain terminology at the very least. Just a heads up, CYA.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple's Activation Lock Website Played Key Role in Hack, Perhaps Explaining its Removal
- Thread starter MacRumors
- Start date
- Sort by reaction score
Was I hacked? Or was Apple hacked?
Today I took my 6s plus into the Apple store to exchange it with a new one using Apple Care +. The phone was completely ruined in the pool and would not turn on. So, the first thing the Apple tech did was have me log into iCloud on a macbook in the store. Did that and they turned off Find my iPhone. Cool? NO.
He wasn't able to move forward because some other Apple ID had an Activation Lock on my iphone. He showed it to me on his device. I took a picture of it. w*****@163.com
Took us both about 60 seconds to confirm this is chinese hacker related and deduced that "i've been hacked".
So, is my phone compromised? Everything on it? fingerprints, apple pay, passwords what?
Or was my icloud account compromised?
Or was Apple themselves hacked and this is the result of some stolen phone scheme?
I talked to Apple Care on the phone for over an hour... they deny that it's even possible for another apple ID to have a lock on my phone. Yet it happened... They confirmed I've had two-factor authentication turned on since the option was available. Also, I've not seen any unfamiliar 2factor requests.
Do i need to factory reset every device in my house, modem, router, iOS, laptops, desktops... EVERYTHING?
And then change all of my passwords and start using another password manager?
Should I close all of my bank accounts and reopen new ones? This one has me the most concerned. I don't really use many apps... safari, mail, maps and financial institutions is about all i use my phone for. My fingerprint is tied to nearly all of my bank and brokerage accounts.
Thanks for any insight
Today I took my 6s plus into the Apple store to exchange it with a new one using Apple Care +. The phone was completely ruined in the pool and would not turn on. So, the first thing the Apple tech did was have me log into iCloud on a macbook in the store. Did that and they turned off Find my iPhone. Cool? NO.
He wasn't able to move forward because some other Apple ID had an Activation Lock on my iphone. He showed it to me on his device. I took a picture of it. w*****@163.com
Took us both about 60 seconds to confirm this is chinese hacker related and deduced that "i've been hacked".
So, is my phone compromised? Everything on it? fingerprints, apple pay, passwords what?
Or was my icloud account compromised?
Or was Apple themselves hacked and this is the result of some stolen phone scheme?
I talked to Apple Care on the phone for over an hour... they deny that it's even possible for another apple ID to have a lock on my phone. Yet it happened... They confirmed I've had two-factor authentication turned on since the option was available. Also, I've not seen any unfamiliar 2factor requests.
Do i need to factory reset every device in my house, modem, router, iOS, laptops, desktops... EVERYTHING?
And then change all of my passwords and start using another password manager?
Should I close all of my bank accounts and reopen new ones? This one has me the most concerned. I don't really use many apps... safari, mail, maps and financial institutions is about all i use my phone for. My fingerprint is tied to nearly all of my bank and brokerage accounts.
Thanks for any insight
Last edited:
Don't panic!
Somebody has cloned your serial number to unlock a blocked device, this has nothing to do with your account and they won't be able to access your data.
There was a video posted earlier in this thread if I remember correctly showing how hackers are doing this.
TouchID data is only between you and your individual device(s). That data isn't shared with any device(s) and your iCloud account. Someone out there clonned your IMEI and placed it into another device (probably lost or stolen). Once question for you: at any point in the now destroyed 6s's life was it unattached to your or any iCloud account OTHER than when Apple had you attempt to remove it?
Well, I feel better knowing it sounds like someone didn't get any of my data. No, my phone was always associated with my iCloud account. That much I am 100% sure of. I have no recollection of ever logging out of the iCloud account on my phone either, but there's a 0.1% I logged out only to immediately log right back in. I really don't think I ever logged out though.