How can I check the last time an iPad was online and its coordinates? (stolen device)

[iRock1]

Hi guys,

My mother’s iPad has been “stolen” and I need to track it down.

I’ve checked out “Find my iPhone” with my mom’s iCloud account and the iPad appears offline. I know there is an option to receive an alert when the iPad gets back online (which I guess it means I’ll receive an email on that address), however, my mother no longer have access to that email account so it might be useless (the iCloud account my mother had in that iPad and which I’ve used to access Find my iPhone is linked to a Hotmail address).

I was hoping there could be a way of checking out the last time the iPad was online and its coordinates. Is there a way of getting that info? Because so far the only options that I see are:

1) to use the Lost Mode. However, that would “prevent” the thief in order to keep using the device and it would send my chances of finding the device to the trash.

2) delete all the contents of the iPad, which would definitely eliminate all the chances of finding the device.

Thanks in advance for your advice!

 

[jpn]

Hi guys,

My mother’s iPad has been “stolen” and I need to track it down.

I’ve checked out “Find my iPhone” with my mom’s iCloud account and the iPad appears offline. I know there is an option to receive an alert when the iPad gets back online (which I guess it means I’ll receive an email on that address), however, my mother no longer have access to that email account so it might be useless (the iCloud account my mother had in that iPad and which I’ve used to access Find my iPhone is linked to a Hotmail address).

I was hoping there could be a way of checking out the last time the iPad was online and its coordinates. Is there a way of getting that info? Because so far the only options that I see are:

1) to use the Lost Mode. However, that would “prevent” the thief in order to keep using the device and it would send my chances of finding the device to the trash.

2) delete all the contents of the iPad, which would definitely eliminate all the chances of finding the device.

Thanks in advance for your advice!

in Find My iPhone there is a setting that maybe you did switch on at some point before it was lost, called Send Last Location. according to the explanation from apple: "Automatically send the location of this iPhone when to Apple when the battery is critically low."
Its an additional setting after turning on Find My iPhone.
i think this is the location that would appear on the screen up when you log into that apple iCloud account. all that is done without any email, simply logging into the account and then looking it up in Find My iPhone.

 

[Banglazed]

Thieves these days are wise enough and know what to do with these stolen devices. It may be a lost cause once stolen the chance of recovering it is pretty low. I would wipe the device using FMI and contact the carrier so it can be blacklisted. Do a police report and claim device insurance if you have coverage. You may also notice frequent text or email associated to Apple ID which they attempt to phish your account info to remove the iCloud. Just block them and don't respond. Always use official icloud.com to check the device location.

 

[iRock1]

in Find My iPhone there is a setting that maybe you did switch on at some point before it was lost, called Send Last Location. according to the explanation from apple: "Automatically send the location of this iPhone when to Apple when the battery is critically low."
Its an additional setting after turning on Find My iPhone.
i think this is the location that would appear on the screen up when you log into that apple iCloud account. all that is done without any email, simply logging into the account and then looking it up in Find My iPhone.

Sadly I don't see anything. In any case, that iPad had an old version of iOS. I highly doubt that option was activated, specially since I don't see anything in iCloud like what you mention.

Thieves these days are wise enough and know what to do with these stolen devices. It may be a lost cause once stolen the chance of recovering it is pretty low. I would wipe the device using FMI and contact the carrier so it can be blacklisted. Do a police report and claim device insurance if you have coverage. You may also notice frequent text or email associated to Apple ID which they attempt to phish your account info to remove the iCloud. Just block them and don't respond. Always use official icloud.com to check the device location.

Yeah, I think the device is definitely lost at this point. I just wanted to know if there is an option before going "nuclear" with the remote wiping option (which I highly doubt will work at this point anyway. I mean, the stupidest part of the story and which I haven't told you yet is that my mother gave away the iPad password to the thief. Still, I don't know if that could be enough for that man to restore the device and use a totally new iCloud account).

 

[Mike4AU]

I wondered why you put stolen in quotation marks. Given that you have not got the police involved, I would suspect there is even more to this story.

Sorry for the loss.

 

[iRock1]

I wondered why you put stolen in quotation marks. Given that you have not got the police involved, I would suspect there is even more to this story.

Sorry for the loss.

Indeed, but I don't see how is that relevant.

If your curiosity persists though: long story short, my mother gave the iPad to some random guy who offered her to fix the display. Needless to say he's not an official reseller or anthing. Then the guy ran away with the thing not before asking my mother the iPad password.

I honestly think technology should be forbidden by law for old people. But what gives, it's not my problem now.

 

[Johnny365]

So if it's not your problem now, then why are you making a topic about it?

 

[iRock1]

So if it's not your problem now, then why are you making a topic about it?

It's not my problem when it comes to calling the police or going the extra mile. I can make a thread and ask for help if software options can help somehow.

Now back on-topic please.

 

[millydog]

Did your mother give out the iCloud password in addition to the passcode? If so, it is potentially too late to recover it since it’s likely to already be erased.

Since you have the iCloud password though, I’d suggest that you change it online in case it hasn’t been reset and the thief knows the password.

While you are there, you could add a new email address to your mothers iCloud account that is a current email address.

In iCloud.com, you can also put the device into lost mode. The thief will need to re-enter the iCloud password to keep using it and if you’ve changed it, then it will block him out, that is if he didn’t reset it as new already.

 

[BrianBaughn]

The first thing your mother should have done is change her password everywhere. With access to her email, the thief could perform password resets before she does.

 

[iRock1]

The first thing your mother should have done is change her password everywhere. With access to her email, the thief could perform password resets before she does.

Happily I think it was a dummy account that was set up there, so no much to worry about.
[doublepost=1536426888][/doublepost]

Did your mother give out the iCloud password in addition to the passcode? If so, it is potentially too late to recover it since it’s likely to already be erased.

I'm not sure at this point, but I don't think so. If that was the case I'm sure I couldn't be accessing the iCloud account from my Mac at this point.

I wonder if the iCloud password would be needed to restore the iPad and disable the current iCloud account.

Also notice that this was an old device (iPad 2). I'm sure it must have had an old version of iOS which didn't have such advance security measures.

While you are there, you could add a new email address to your mothers iCloud account that is a current email address.

I didn't even know there was an option to do that. Sadly, it asks me for security questions in order to go to the account management options. Needless to say I don't have those answers, and the alternative is to send a message to the iPad, lol.

In iCloud.com, you can also put the device into lost mode. The thief will need to re-enter the iCloud password to keep using it and if you’ve changed it, then it will block him out, that is if he didn’t reset it as new already.

I'm willing to bet he already reset it at this point so I'm losing my time. My question at this point is if, again, he would need the iCloud account in order to reset the device and set up a new iCloud account.

 

[Boyd01]

I honestly think technology should be forbidden by law for old people.

Yeah, only smart young guys like you should be allowed to have "technology".

 

[baypharm]

What you are asking for - help wise - could be used to stalk someone as well as reading their emails, texts, listening to them talk, and looking at them through the on-board camera. Seems like you are requesting how to obtain sigint data. Since we don't know for sure it was "stolen" it would be a good idea to keep our knowledge of how to penetrate an iPad to ourselves. Perhaps you are innocent and just looking for help but in all honesty we don't really know.

 

[iRock1]

What you are asking for - help wise - could be used to stalk someone as well as reading their emails, texts, listening to them talk, and looking at them through the on-board camera. Seems like you are requesting how to obtain sigint data. Since we don't know for sure it was "stolen" it would be a good idea to keep our knowledge of how to penetrate an iPad to ourselves. Perhaps you are innocent and just looking for help but in all honesty we don't really know.

Not sure what you are talking about. If I wasn't clear enough, I want to retrieve that info from a device that is connected to my iCloud account. It's not like I'm asking for some NSA-level stuff.

 

[RevTEG]

Happily I think it was a dummy account that was set up there, so no much to worry about.
[doublepost=1536426888][/doublepost]

I'm not sure at this point, but I don't think so. If that was the case I'm sure I couldn't be accessing the iCloud account from my Mac at this point.

I wonder if the iCloud password would be needed to restore the iPad and disable the current iCloud account.

Also notice that this was an old device (iPad 2). I'm sure it must have had an old version of iOS which didn't have such advance security measures.



I didn't even know there was an option to do that. Sadly, it asks me for security questions in order to go to the account management options. Needless to say I don't have those answers, and the alternative is to send a message to the iPad, lol.



I'm willing to bet he already reset it at this point so I'm losing my time. My question at this point is if, again, he would need the iCloud account in order to reset the device and set up a new iCloud account.

As for as security questions go, wouldn't your "mom" know those answers? Especially since its her account? That would give you the access you need.
[doublepost=1536617547][/doublepost]

Not sure what you are talking about. If I wasn't clear enough, I want to retrieve that info from a device that is connected to my iCloud account. It's not like I'm asking for some NSA-level stuff.

I think they were saying that we don't have proof that it was actually your moms iPad. Someone could steal an iPad and ask these same questions in an attempt to learn how to erase the stolen iPad. For the recored, I'm IN NO WAY accusing you of that. Just saying that that some could think that by the very same info you're asking.

 

[iRock1]

As for as security questions go, wouldn't your "mom" know those answers? Especially since its her account? That would give you the access you need.

I set up the account years ago and I have an habit of putting random answers to those "security questions". In my opinion there's nothing secure about them. If somebody else had access to that basic info (favorite meals, pet names, etc.) they could easily access your account with pass restoration and maybe some social engineering.

Of course over the last years I've had to change my policy a little bit and register the security answers in my password manager, as companies have started to use security questions as a sort of second key when it comes to changing password, email, etc.

I think they were saying that we don't have proof that it was actually your moms iPad. Someone could steal an iPad and ask these same questions in an attempt to learn how to erase the stolen iPad. For the recored, I'm IN NO WAY accusing you of that. Just saying that that some could think that by the very same info you're asking.

I get that, but then again, I'm telling you that I own and therefore have access to the iCloud account that is set on the iPad. There's no useful info you can give me if I don't have access to that account.

Also, I'm not asking how to bypass security measures in order to restore an iPad. I've explicitly said I don't want to restore it in order to have a chance of tracking the device down with GPS. What I'd need is an option to see the last time the iPad was online and where.

 

[masotime]

It is a bit bizarre to think that someone with access to the iCloud account linked to an iPad is actually the thief trying to erase an iPad. If a malicious party had access to someone's iCloud account, the consequences are far more severe - every linked iOS device is now at the mercy of the "thief". Even MacBooks linked can be erased remotely. This also includes making unauthorized iTunes purchases via linked credit cards.

Having a passcode is not equivalent to having access to the iCloud account - a thief cannot "unlink" such a device with just the passcode, they would have to keep such a device eternally firewalled from Apple servers to prevent iCloud commands like erasing it remotely to work.

To the OP - you can just set it to lost mode, but getting the geolocation coordinates is going to be tricky if you didn't enable "send last location" like someone mentioned. I've had an iPad mini stolen from my car before, got lucky when the thief didn't turn it off and i got live GPS updates - was able to retrieve it.

If your iPad isn't cellular and still broadcasting its location, it's going to be tough. I think you can set an alert to inform you immediately if it comes online though.

 

[iRock1]

Having a passcode is not equivalent to having access to the iCloud account - a thief cannot "unlink" such a device with just the passcode, they would have to keep such a device eternally firewalled from Apple servers to prevent iCloud commands like erasing it remotely to work.

Does that mean that in order to restore the device (or set up a new account) they would necessarily have to have access to the current iCloud account? Has this security measure always been on iOS? I ask because I think the device had an old version of it.

Also, is there a way of confirming that they haven't restored the device and "unlinked" it that at this point?

To the OP - you can just set it to lost mode, but getting the geolocation coordinates is going to be tricky if you didn't enable "send last location" like someone mentioned. I've had an iPad mini stolen from my car before, got lucky when the thief didn't turn it off and i got live GPS updates - was able to retrieve it.

The reason why I don't want to activate the lost mode is because I'd like the thief to keep using the device, maximizing my options of finding the device with Find My iPhone, even though is improbable.

If your iPad isn't cellular and still broadcasting its location, it's going to be tough. I think you can set an alert to inform you immediately if it comes online though.

Yeah, but the tricky situation here is that my mother doesn't have access to the email address linked to the iCloud account anymore. And we don't have the security answers that the Apple ID service is asking to change the email address neither, even though we obviously have the current password (yes, pretty screwed up situation).

Btw, thanks for putting some rational thinking in this thread. Never thought I'd fin such a hassle on this forum, lol.

 

[masotime]

Does that mean that in order to restore the device (or set up a new account) they would necessarily have to have access to the current iCloud account? Has this security measure always been on iOS? I ask because I think the device had an old version of it.

Also, is there a way of confirming that they haven't restored the device and "unlinked" it that at this point?

I'm not sure if it stops them from resetting the device, but in the "cloud" / Apple servers, the device remains linked to your iCloud account. It will not be possible to re-register another account to that device, nor can they turn off Find my iPhone.

If the device shows up in your iCloud account (i.e. listed in the Find my iPhone app), it means it is not unlinked.

The reason why I don't want to activate the lost mode is because I'd like the thief to keep using the device, maximizing my options of finding the device with Find My iPhone, even though is improbable.

You can choose not to activate it - I'm not sure what a thief is going to do if you do activate it. I suppose they might just throw it away. Assuming Find my iPhone is still active on that device, once they connect to the Internet it should ping you.



Make sure you have "Notify When Found" enabled.

Yeah, but the tricky situation here is that my mother doesn't have access to the email address linked to the iCloud account anymore. And we don't have the security answers that the Apple ID service is asking to change the email address neither, even though we obviously have the current password (yes, pretty screwed up situation).

So if you still have the receipt, Apple might be able to do more for you, assuming that receipt is from the Apple Store and has the serial number. I had an issue once where an iPhone I sold got locked out by Chinese hackers when the buyer received it, but Apple was kind enough to unlock it once I sent them the original receipt.

Btw, thanks for putting some rational thinking in this thread. Never thought I'd fin such a hassle on this forum, lol.

No problem. I know what it's like - Apple provides some nice tools to track stuff down, but it's a balancing act to make sure it can be found.

 

[millydog]

You could get out of this situation if you used real security answers to the questions, it is designed to help you out in situations such as this. But since that’s mucked up, your only option seems to be to take the iPad to Apple with proof of purchase. If you provide the proof of purchase, then Apple can help you.

Also, with the security questions....take your mother with her ID to an Apple store and ask them for help in resetting the security questions and adding her new email. Shouldn’t be a problem if she is the real account holder.

 

[charlituna]

in Find My iPhone there is a setting that maybe you did switch on at some point before it was lost, called Send Last Location. according to the explanation from apple: "Automatically send the location of this iPhone when to Apple when the battery is critically low."
Its an additional setting after turning on Find My iPhone.
i think this is the location that would appear on the screen up when you log into that apple iCloud account. all that is done without any email, simply logging into the account and then looking it up in Find My iPhone.

That setting only works if the battery gets down to like 5%. If it was above that and the thieves turned it off then you get nothing.

At this point the best answer is to stop trying to find it. Sorry but it’s gone. Leave it linked to the iCloud account and send an erase command in case it’s turned back on and move on.

 

[iRock1]

I'm not sure if it stops them from resetting the device, but in the "cloud" / Apple servers, the device remains linked to your iCloud account. It will not be possible to re-register another account to that device, nor can they turn off Find my iPhone.

If the device shows up in your iCloud account (i.e. listed in the Find my iPhone app), it means it is not unlinked.

Yup, it's there. That's something.

Now, you say you are not sure if restoring the device requires the iCloud password — let's suppose it doesn't. Then the thief restores the device. However, you say there's no way of re-registering another account. Then what would happen? You have an "usable" iPad where you can't set up any iCloud account? Isn't that like a sort of limbo? :s

Make sure you have "Notify When Found" enabled.

The problem is that I don't have access to the email address associated to that iCloud account. So there's no way of receiving that alert.

You could get out of this situation if you used real security answers to the questions, it is designed to help you out in situations such as this. But since that’s mucked up, your only option seems to be to take the iPad to Apple with proof of purchase. If you provide the proof of purchase, then Apple can help you.

Also, with the security questions....take your mother with her ID to an Apple store and ask them for help in resetting the security questions and adding her new email. Shouldn’t be a problem if she is the real account holder.

To make things even worse there are no Apple Stores in my country, only authorized resellers or whatever they are called.

And while security questions are designed to help people in cases like these, they also make stealing accounts way easier.

That setting only works if the battery gets down to like 5%. If it was above that and the thieves turned it off then you get nothing.

At this point the best answer is to stop trying to find it. Sorry but it’s gone. Leave it linked to the iCloud account and send an erase command in case it’s turned back on and move on.

Honestly I feel very tempted to do so, but the MacGiver in me would be very happy if I'd find the iPad somehow. I know i'll probably end up doing what you say though, but I still want to play every possible card.

 

[masotime]

Yup, it's there. That's something.

Now, you say you are not sure if restoring the device requires the iCloud password — let's suppose it doesn't. Then the thief restores the device. However, you say there's no way of re-registering another account. Then what would happen? You have an "usable" iPad where you can't set up any iCloud account? Isn't that like a sort of limbo? :s

iPads can be used without iCloud accounts. Functionality is limited of course. iCloud essentially has a "registry" that links a hardware ID of any Apple device to an iCloud account, that's why you can't re-register - you'd need to "restore" Apple servers, which is obviously not going to happen.

The problem is that I don't have access to the email address associated to that iCloud account. So there's no way of receiving that alert.

Hmmm... I don't recall exactly, but I thought it would notify you on another iOS device which is linked to that same account. I could be wrong.

To make things even worse there are no Apple Stores in my country, only authorized resellers or whatever they are called.

And while security questions are designed to help people in cases like these, they also make stealing accounts way easier.

I emailed the receipt to an Apple support e-mail, so no physical stores were involved. But yes if it's not from an Apple Store the receipt might not be sufficient. I'd still contact Apple support to get more options.

The strategy for security questions is to use a fixed string (i.e. another password) and suffix or prefix it with e.g. the last word of that question if it demands different answers per question. That way social engineering is useless - it's not actually answering the question.

Honestly I feel very tempted to do so, but the MacGiver in me would be very happy if I'd find the iPad somehow. I know i'll probably end up doing what you say though, but I still want to play every possible card.

 

[iRock1]

iPads can be used without iCloud accounts. Functionality is limited of course. iCloud essentially has a "registry" that links a hardware ID of any Apple device to an iCloud account, that's why you can't re-register - you'd need to "restore" Apple servers, which is obviouslyn not going to happen.

Actually good to know.

Hmmm... I don't recall exactly, but I thought it would notify you on another iOS device which is linked to that same account. I could be wrong.

I hope it works with a Mac, because I don't have another iOS device.

I emailed the receipt to an Apple support e-mail, so no physical stores were involved. But yes if it's not from an Apple Store the receipt might not be sufficient. I'd still contact Apple support to get more options.

How? I don't think there's an email support account or something like that. Only the Support Communities which aren't handled by the staff.

The strategy for security questions is to use a fixed string (i.e. another password) and suffix or prefix it with e.g. the last word of that question if it demands different answers per question. That way social engineering is useless - it's not actually answering the question.

My strategy at this point is simply answering those questions with random characters and save those in my password manager. ¯\_(ツ)_/¯

 

[masotime]

How? I don't think there's an email support account or something like that. Only the Support Communities which aren't handled by the staff.

If your country has it, download the Apple Support app - https://itunes.apple.com/us/app/apple-support/id1130498044

Logging in with your iCloud account will show all connected devices. Tap your device and there should a lot of options. Some of them will lead to the ability to have an Apple rep call you.

If you don't have this option then your choices are unfortunately rather limited. Try direct messaging Apple Support on Twitter - https://twitter.com/messages/3309375033-3755204772?recipient_id=3309375033

My strategy at this point is simply answering those questions with random characters and save those in my password manager. ¯\_(ツ)_/¯

Yes this works, as long as you can remember which "answer" corresponds to each security question.