Published August 10th, 2014 at 8:51 AM EST , modified August 10th, 2014 at 7:30 PM EST
Apple IDs are a popular target for hackers. This is not only because Apple devices have become so popular, but also because Apple IDs typically provide purchasing power. With an Apple ID, a hacker can purchase music and movies in the iTunes Store or apps in the iOS App Store or Mac App Store on someone else’s dime. Typical symptoms of an Apple ID hack are a sudden inability to log in or strange purchases showing up in your purchase history or on your iOS device. So what do you do if you believe your Apple ID has been hacked?
Effects and Causes
Before discussing how to undo the hack, it’s critically important to understand why dealing with a hacked Apple ID must be done quickly. I’ve seen people who have allowed their Apple IDs to remain hacked for months before bothering to do anything about it. This allows the hacker to continue making purchases with your Apple ID, sending e-mail messages or iMessages as you, accessing your iCloud data, etc. However, there’s an additional problem that most people are either unaware of or don’t think about.
The anti-theft features of Mac and iOS devices involve your Apple ID, and can be abused by someone with access to your Apple ID. Your Apple ID could be used to remotely erase your Mac or iOS devices, which could be a disaster if you don’t maintain a good set of backups. Worse, in iOS 7, your Apple ID can be used to lock your iOS device in a way that cannot be bypassed – even by erasing the iOS device – without access to the Apple ID. If the hacker manages to permanently lock you out of your Apple ID, which can be done in a 3-day period using two-factor verification (more on this shortly), then he/she can then permanently lock your iOS 7 devices!
In other words, if you believe your Apple ID has been hacked, you need to respond quickly and decisively to regain access and lock the hacker out. Failing to do so could cause you to lose all purchases made with your Apple ID, lose all your data and even turn your iOS 7 devices into expensive paperweights!
The first thing most people want to do is scan for viruses, but there is actually little point to doing that. On the Mac, there is very little malware out there, and I’ve never heard of a single confirmed case of an Apple ID being stolen through an infected Mac. On iOS devices (ie, iPads, iPhones and iPod Touches), there is no known malware capable of affecting them unless they have been jailbroken (ie, hacked to disable security in order to download apps from outside the App Store). Further, due to the security features that prevent malware, there is also no anti-virus software capable of scanning an iOS device. If you are using your Apple ID on a Windows machine, keyloggers are possible, but that’s a matter for your Windows anti-virus software and your local Windows tech.
Apple IDs are typically hacked through other means. Some (though certainly not all) possibilities are:
- If your password is a poor one, it may fall to simple brute-force attack by a botnet.
- You could be fooled by one of the many Apple ID phishing scams circulating, in which you receive an e-mail message that is supposedly from Apple, but when you click the link provided in the message, you end up on a fake Apple site that harvests your login information (if you enter it there).
- The e-mail address associated with your Apple ID might have been hacked, possibly allowing a password reset. (The exception here is if you are using an @me.com or @mac.com address as your Apple ID, in which case the address and the Apple ID are the same… hacking one means hacking the other.)
- Your password may have been stored insecurely, such as on a Post-It note in your office that any passers-by can see or in a plain text note in some online account that has been hacked.
- Your password was the same as that used by some other account you own that was hacked first.
- Another account was hacked that gave information about you, such as what your security question answers might be.
- Someone with physical access to your devices has installed spyware in order to harass or steal from you. (Yes, this is even a possibility with iOS devices… with physical access, a hacker can jailbreak them, install spyware, then cover up the fact that it’s jailbroken.)