

Apple ID hacked, lost control of account

Last Thursday (12th November) woke up to a message on my iPad saying that an email address wanted access to my device to FaceTime etc. Clicked it off and looked at my emails. At 1.07am I had a message on my email address which is also my AppleID, saying that my email address(es) and password had been changed; there were also two emails to my reset email address at 1.22am saying that a verification code had been requested (first email) and then sent and used successfully (second email). All 3 emails said that if I had not requested these changes to contact Apple immediately.

I did not click through the emails in case it was a scam, instead I went on to my iCloud via settings on my iPad. There I saw that my date of birth had been changed, and my reset email address had gone. I then tried to put my password in but was told it was wrong. Went to my security questions and they were in Chinese. I was effectively locked out of my account.

I tried to contact Apple but could not speak to anyone until 8am (so even if I had received these emails in the middle of the night there was nothing I could have done). When I finally did speak to an Applecare advisor, I was put through to three people and, after a 90 minute conversation, was told there was nothing they could do. Because this hacker had changed the email address associated with the AppleID, the password and the security questions, they controlled my AppleID and iTunes account (with over 300 downloaded songs and over £50 in iTunes credit). I could give them all sorts of information, such as the last time I contacted them over the phone, the answers to the previous security questions, the postal address, full details of the two AppleID accounts that were associated to this one through family sharing, bank statements showing iTunes purchases - but none of these ticked their 'proof' boxes. I was told that I 'must have' clicked on a spam email (I haven't) and given my password away, and the implication was therefore that it was my fault.

I had to go to work, but rang back later in the day as I simply could not believe that there was nothing they could do. This time I was on the phone for an hour with a senior technical advisor. He confirmed that overnight on Wednesday 11th November, someone rang on their Chinese line (hence why they could access support overnight and I couldn't) and changed the account details. He could see that what happened wasn't right, but I still couldn't prove to Apple's satisfaction that this was my account and therefore I could not be given control. There was a debit card associated to the iTunes account which was no longer in use (the bank had replaced it although it had not expired) - he said that if I had those card details there might be something he could do. I didn't, because I had destroyed the card when the bank sent me a new one. It was left that he had emailed the engineers and he would call me back on Saturday morning (14th). Apparently the engineers can do more than him. After much discussion he did something to the iTunes account to ensure that no-one could download my content or use my credit until the matter was resolved.

Saturday morning came and went, I telephoned and left two messages and eventually got a call back. He had heard nothing from the engineers. We agreed to speak again on Monday. In the meantime I had deliberately been going on to the account and entering incorrect password information in order to disable the account. He agreed this was a good idea, but I was appalled to discover that if the hacker rang back up they would be able to reactivate the account as they would know the answer to the security questions. It was not possible to put a note or a flag on the account to say it was under investigation.

On Saturday afternoon I went into the bank, and was able to get my old card number. I telephoned once on Saturday before close of business and twice on Sunday, to say that I had the card details. On Monday, the time agreed for a call back came and went, I rang and left another message and then was called back. He had still not heard from the engineers and it now seemed to be a 7 day turnaround rather than 2. The iTunes account now cannot be used and a new card cannot be added, but I still don't have control of the iTunes or iCloud account. This account is still in my name, with my postal address. It had my date of birth on. This is identity theft, and I actually don't know if I am ever going to get my account back. Apple don't seem to have any procedures to deal with this (I have, for example, suggested that they send out information about how to reset the account to the postal address but they have 'never done this').

I have reported it to Action Fraud (National Crime Agency) and I have also contacted Watchdog as I'm sure this is more of a widespread problem than just me. Has it happened to anyone else? Has anyone successfully reclaimed their AppleID?



Same thing happened to me too just a few days ago. And even worse, the hacker stole my Apple ID and erased the two devices that were linked to it. One iPhone and a newly bought iPad Air are currently in "Lost Mode". I called Apple Tech Support and was asked to answer those security questions, but apparently the hackers have changed the answers too. Fortunately I kept the receipt for the iPad and provided it to Apple, but in the meantime I was told there is only a very small chance that they could unlock the device. I'm wondering, did you get your account back in the end?



Hey JoBo77,

 

The only way I know someone could access your account is if 1) your email itself was compromised which someone can use the password reset email you mentioned 2) they guessed the password, or 3) they guessed your birthday and security questions. That is in order of what I think are the most to least likely possibilities. That being said you should also reset your email password and security info to be safe. It sounds to me that the senior tech is trying to help. I've had a similar situation happen that wasn't with Apple, long turnaround times and all, and I called the main number every other day to speak with a senior employee. That way I didn't have to wait for someone to call me.

 

Best of luck, I hope the info is returned to its owner.



Same thing happened to me, with one difference: Apple Support was amazing in helping me!

 

- Woke up Monday morning to catch a plane and saw a msg on my iPhone that my Apple ID details were updated

- then I got a msg to acknowledge a new mobile phone to be linked, which I refused

- failed to log in to my appleID

- followed the lost password, got the email and reset my password, also saw that they had changed my date of birth

- tried to access the security questions to find out they had changed to Chinese

- had to go to the airport unfortunately

- reached home 4 hours later to find I could no longer log in as my Apple ID was not recognized

- saw the update email that my apple ID has been changed

Then the journey with Apple support started

- opened an online ticket

- within 5 minutes I got called by a machine saying I had to wait about 20 minutes (manage expectations, nice)

- after about 15 a nice lady was my first point of contact

- She listened to my story and worked with me for a solution.

- at first she could only confirm that my ID no longer existed, fortunately I got a purchase receipt of software done by the thieves containing the new Apple ID.

- As my iPhone was linked to the original ID, me giving the serial number already gave her some info I was the legit user

- She also could see that changes had been made recently, and the new Apple ID was something like jjfrtds@sina.com, not really a logical username

- she tried with me to navigate the security questions, which did not work out as most likely the answers were to be in Chinese

- interestingly enough it looked like the questions themselves had not changed

- She then said she would transfer me to another department, and that this could take up to 20 minutes (again managing my expectations)

- After 10 minutes she checked in on me if I was still there (thoughtful follow up)

- Then she personally handed me over to her colleague and wished me well (excellent transition)

- The new contact at Apple was equally helpful, and started by sending me his email and phone details in case I needed it

- He also recognized soon that foul play was at hand, and together we tried to find ways to ID myself as the legit owner

- I sent him all the update emails I got

- learned that they took all my remaining balance by buying software and in app purchases

- the thieves had added a credit card (not mine) for which verification failed

- luckily I have many Apple products that were tied to that ID, so one message from Apple to my MacBook and I could give the verification code.

- As well as the serial of my iPhone, and I could have given the serial of the apple tv too if needed.

- Enough proof for Apple that I was the legit owner. He told me he was going to do some stuff and put me on hold for about 20 minutes (again, manage expectations very well)

- he also checked in on me about halfway (great job Apple!!)

- when he came back he said that they unlocked my account and sent me a reset password email.

- password reset went well and then he helped me online with the reset of the security questions.

- He then informed me that the proof of theft was sufficient for Apple to refund me my balance that was stolen within about 48 hours.

All in all a G R E A T  E X P E R I E N C E in customer support and a fantastic outcome. All the time I was on the phone Apple people gave me the feeling they cared for me and my situation and they were there for me.

 

Outcome

- account back to me

- money will be refunded (not yet done)

 

My Tips:

- activate the two way security if you haven't done so already

- register your devices with Apple (it saved me)

- avoid putting a credit card in your account but use gift cards. At least it limits the damage a bit I think.

- Be serious about your security questions, take into account that when you set them, you might need them 3 years down the road.

 

I wonder how they managed to get my security questions. cos you don't have endless guesses available.

To be honest I did not even recall the answers to all my security questions (action taken here)

Weird is that it looked like the questions themselves had not changed

It almost feels like they have some inside man?? Is it possible that the hacker calls Apple China and gets help to reset the account?

 

In any case, my experience with Apple Support was amazing, and although I already was a devout Apple user, now I am even more loyal to them.



update: all my money has been refunded. End to end great experience



Well, my 12yr old AppleID was stolen by someone in China. Apparently the thief called Apple support and for some reason they reset the account for them (This even generated a Case Number documenting the attempt and changes). But when I called to get it back then Apple couldn't verify me so I'm on a 1-month waiting list to get it back. I am so lost on what is happening.

 

Pretty much my timeline goes like this:

 

1:36A - Email from Apple in Chinese with Case Number. Google Translate says reasons are “iCloud, FaceTime and Information”

1:36A - Your Apple ID was used to sign in on iPhone 5S

1:40A - Your Birthdate has changed

1:42A - Your Security Question has changed

1:43A - Your Password has changed

1:44A - Your Birth Date has changed

 

3:23A - Your Apple ID was used to sign in on iPhone 6

3:24A - Find my iPhone disabled on iPhone

4:20A - Your Apple ID was used to sign in on iPad Mini

4:21A - Find my iPhone disabled on iPad

 

5:20A - I try a password recovery but Birthdate was changed and the new @sina.com address is the thieves'. I call Apple. They disable iTunes, say they will refund me for purchases but won't tell me what the purchases are and won't recover my account since I can't verify the thieves' new info. I'm trying to be understanding, but with an account this old then I have a dozen other ways to verify. Years of receipts. A dozen active iOS products. 4 Family Accounts linked to this master AppleID. I'm told 1 month is the expected time frame to get anything done.

 

So now I'm left with a 100 movies and thousands of songs trapped in the cloud, Apps that are unable to be updated and AppleTV's, iPhones and iPads nagging me to log in to an account I can no longer access.

 

Hopefully things can be fixed, but right now I'm really wondering if I put too much trust (and money) in the Apple ecosystem.



Apple has no real ability to "reset the account" for you or anyone for that matter.

 

*If* one is able to identify a valid Apple ID and pass the security questions challenge over the phone, Apple is able to send, to a verified email address, a message with a link that allows the recipient to reset their password.

 

Are you saying you got an email from Apple for each of those activities?



That's what I thought too. No password reset was sent to my account but based on the timeline then the Apple Case was created right before the password change. This was Apple China support so did they break protocol and change the email before sending an email reset? Did they give my password to the caller? Did they verify the thief somehow?

 

It's frustrating because a case number was created when the thieves called in but Apple won't give me details of that case because I can't answer the challenge questions. So I can't help but feel that someone there screwed up because the account access and phone call are done so close together that it seems like it is linked.



The only thing I can assure is that Apple did not give anyone your password.

 

They may have verified a caller who was able to answer either the security questions or any of the other verification options available for your account.

 

At this point, that case # could be irrelevant. It could be fake too. Did you respond to any of these messages?

 

*All* requests for password changes result in an email to your primary address. I am puzzled why you did not receive the reset request, but did receive a notification for every other step. Very strange. If I were stealing your ID, I would change that email address right away to provide no trail for you to follow.



Did you just have any international flights? Did you or your kid use free wifi?



I agree that Apple didn't (and probably couldn't) give my actual password to the thief. But the question still remains. The thief was missing info in getting my account, they called Apple and after the call they had access. So what info did Apple give them?

 

I spoke with a different senior advisor (my 3rd one) and they said that case number created by the thief was "A question about accessing iCloud" but they wouldn't give me any more details beyond that for some reason. Instead they stop reading and tell me to "Just wait, hopefully we can get this resolved within a month" as if 1-month of losing access to your Apple-life is nothing. (They are guessing and trying to tell me that it's a phishing scheme but if someone phished my password then why would they need to call Apple at all?)

 

This isn't about slamming Apple. This is about finding out what happened in that CaseID because they called Apple for a reason but Apple can't (or WON'T) tell me what technical info (or more importantly, PERSONAL INFO) Apple gave up that allowed account access the minute after the case was created.



 

This isn't about slamming Apple. This is about finding out what happened in that CaseID because they called Apple for a reason but Apple can't (or WON'T) tell me what technical info (or more importantly, PERSONAL INFO) Apple gave up that allowed account access the minute after the case was created.

 

I feel badly for you and for what has happened.

 

The cruel reality is however... in security-speak, you aren't the account holder. Even though you can prove a history with Apple, so could an account stealer with your email or banking history. These people are pros at this. Their call to Apple could be about what they did not say during the call as much as what they did or may have said. Just the fact that they got to ask questions about a specific Apple ID may have given them enough information to do this. No answers given, just a confirmation that a specific Apple ID exists.

 

It appears, they somehow compromised your email account(s) to effectively assume your Apple identity. By knowing your primary and rescue email addresses, one can achieve what happened to you. Complete control of your Apple ID. This has shut you out of your account. Now, your efforts to know what happened make you appear, in security terms, to be the hacker.

 

This means Apple can't reveal things to you. They actually have revealed more than I would have expected.



But they didn't get access to my gmail. That's locked down with several Google security measures. And it doesn't matter if the call is Step1 or Step7, the fact still remains that somehow a call to Apple resulted in access to the account. That alone is a newsworthy issue. But I digress. The problem isn't that someone in a different country was able to "prove" identity in a 5min phone call, but the actual owner will take a month to achieve the same task.

 

Think about it. Apple, more than any other tech company, has the largest network of physical locations to physically verify identity. The Apple Store:

- Physically match ID cards

- Verify physical Credit Card

- Proof of ownership of physical devices linked to account

- Physical store receipts for items purchased in store

- Log history on physical devices indicating login history with account

 

Sure, proving identity over the phone is difficult (or at least it's supposed to be), but having an identity verified in store shouldn't be difficult at all.  Yet here I am, spending all day fighting nag screens.



I guess what I'm saying is that Apple should have some sort of Time Machine support on a stolen account. Someone steals it, let's just go back before it was stolen and schedule an Apple Genius Bar appointment to help you get it restored.




But they didn't get access to my gmail. That's locked down with several Google security measures. And it doesn't matter if the call is Step1 or Step7, the fact still remains that somehow a call to Apple resulted in access to the account.

 

The Apple password reset process is achieved by clicking on a link in an email sent to one of your email addresses. A link that is  only valid for 3 hours after receipt. There are no other ways.

 

Does Apple have any other email addresses of yours?



LACAllen wrote:

 

The Apple password reset process is achieved by clicking on a link in an email sent to one of your email addresses. A link that is  only valid for 3 hours after receipt. There are no other ways.

 

Does Apple have any other email addresses of yours?

That is imprecise. Password reset can also be done on the Apple ID site with security questions, and if the account holder is famous or 12 years old somebody else can chat them up or search them online and find out what those answers are. But all your questions do not get where they are intended, because Macrelo is dead set that Apple exposed his account instead of looking for the actual vulnerability. It has to be something: signing in on a public device, selling a device without erasing it, or the last famous one, going to a prostitute in China with the device and allowing her to see the iPhone and use it for a minute. I was told iOS 8 had the ability to add a rescue email without answering security questions in iCloud settings; it is a big joke apparently between China Apple advisors. How most sina.com rescue emails show up...

Not that Macrelo is giving you the truth anyway. It is a 12-year-old account hacked and there are thousands of movies and music trapped? How is that?


