Apple ID hacked and phone bricked

PipForever · Dec 29, 2016

Hi, my boyfriend's Apple ID was hacked. They logged into his Apple ID, changed all the information, and then deleted the account. This account was used to start up his phone... Which the hacker wiped somehow (maybe using Find My Phone or something).

Now, his phone is unusable. Can't get past step three without using the correct Apple ID. We've called Apple support, but they say that one must have the original box and receipt... which have been thrown away (his aunt didn't know it was important when she tossed it).

What should we do now? Any advice would be appreciated.

rctlr · Dec 29, 2016

I guess not much, if the account is removed, and if you cannot prove that the phone is yours.

Another reason why 2FA is important.

44267547 · Dec 29, 2016

Very little to nothing. The iPhone already has been wiped. Lesson learned with using 2FA.

SteveJobzniak · Dec 29, 2016

Two factor authentication is great but please remember to write down and store your recovery key! Otherwise someone can steal your phone and then you can't login anymore since you can't receive the 2-factor SMS. The recovery key lets you remove the 2-factor authentication.

Phil A. · Dec 29, 2016

SteveJobzniak said:
Two factor authentication is great but please remember to write down and store your recovery key! Otherwise someone can steal your phone and then you can't login anymore since you can't receive the 2-factor SMS. The recovery key lets you remove the 2-factor authentication.

I'd also recommending not using your iPhone number as the recovery phone number for this reason: use your landline, partner's / parents / other trusted person's number

Gav2k · Dec 29, 2016

Go to an Apple Store. They can see the previous Apple ID and the store manager can reset both the account and device.

You will need photo Id and the device in question. The payment details for the linked iTunes account would help also.

PipForever · Dec 29, 2016

Gav2k said:
Go to an Apple Store. They can see the previous Apple ID and the store manager can reset both the account and device.

You will need photo Id and the device in question. The payment details for the linked iTunes account would help also.

The Apple Store I went to wasn't willing to help without at least a receipt... He can prove that he is the person who bought the phone using his ID, but that store said that that wasn't enough. I suppose I could just go to store after store and see if any of them will help.

And yeah, I know there are ways to PREVENT this problem... But it's already happened so...

But come on, there's nothing wrong with the phone. The fact that a hacker can render a phone useless from a distance seems a bit extreme to me.

SteveJobzniak · Dec 29, 2016

PipForever said:
The Apple Store I went to wasn't willing to help without at least a receipt... He can prove that he is the person who bought the phone using his ID, but that store said that that wasn't enough. I suppose I could just go to store after store and see if any of them will help.

And yeah, I know there are ways to PREVENT this problem... But it's already happened so...

But come on, there's nothing wrong with the phone. The fact that a hacker can render a phone useless from a distance seems a bit extreme to me.

Ask "so is it Apple's official position to allow AppleID hackers to permanently destroy people's devices?". And if they don't help anyway, tell them that you will tell the media about this miscarriage of justice.

jetsam · Dec 29, 2016

SteveJobzniak said:
Two factor authentication is great but please remember to write down and store your recovery key! Otherwise someone can steal your phone and then you can't login anymore since you can't receive the 2-factor SMS. The recovery key lets you remove the 2-factor authentication.

The older two step verification had recovery keys. The current two factor authentication doesn't use recovery keys. Instead, you authorize other devices and phone numbers (including landlines) for emergency recovery.

Two factor authentication:
https://support.apple.com/en-us/HT204915

Two step verification (recommended only for pre-iOS 9 devices):
https://support.apple.com/en-us/HT204152

Rok73 · Dec 30, 2016

SteveJobzniak said:
Ask "so is it Apple's official position to allow AppleID hackers to permanently destroy people's devices?". And if they don't help anyway, tell them that you will tell the media about this miscarriage of justice.

First and last of all the Apple-ID hasn't been "hacked". The owner of said ID had either an easy to guess password or wasn't careful enough where he entered his personal data maybe through a link in an email that looked like it came from Apple or maybe on a fake website or such (phishing). It's on the ID owner's side to care for his own security, not Apple's.

kenmasters34 · Dec 30, 2016

Rok73 said:
First and last of all the Apple-ID hasn't been "hacked". The owner of said ID had either an easy to guess password or wasn't careful enough where he entered his personal data maybe through a link in an email that looked like it came from Apple or maybe on a fake website or such (phishing). It's on the ID owner's side to care for his own security, not Apple's.

Brute force guessing is still considered a hack. This was probably a user fault, however... imo its a big problem if a lot of users lose information because of a hack. Easy to recover/change passwords etc.

Also worth considering is that people tend to use the same passwords over different sites. Yahoo just had a billion accounts hacked.

If a major hack were to occur on apples side... a lot of people can be left with dead phones and lost memories.

dennysanders · Dec 30, 2016

SteveJobzniak said:
Two factor authentication is great but please remember to write down and store your recovery key! Otherwise someone can steal your phone and then you can't login anymore since you can't receive the 2-factor SMS. The recovery key lets you remove the 2-factor authentication.

there is no recovery key for 2FA...that was for Two-step verification

EDIT

never mind...somebody already mentioned that...my bad

Goatllama · Dec 30, 2016

PipForever said:
Hi, my boyfriend's Apple ID was hacked. They logged into his Apple ID, changed all the information, and then deleted the account. This account was used to start up his phone... Which the hacker wiped somehow (maybe using Find My Phone or something).

Now, his phone is unusable. Can't get past step three without using the correct Apple ID. We've called Apple support, but they say that one must have the original box and receipt... which have been thrown away (his aunt didn't know it was important when she tossed it).

What should we do now? Any advice would be appreciated.

The account hasn't been deleted. Has most likely been changed to a different email address. Try using appleid.apple.com with the original email address. If it says 'no apple ID exists with this address,' bad. If it doesn't, try security questions.

Where did you purchase the phone? Try to get them to give you another receipt if possible.

Another thing to try would be calling Apple Support again, asking that they search for Apple IDs that used to have the email address, and hope that they ignore procedure and let you verify your identity and revert. Best bet is to ask for an iTunes Senior Advisor since the account was compromised.

Rok73 · Dec 31, 2016

kenmasters34 said:
Brute force guessing is still considered a hack. This was probably a user fault, however... imo its a big problem if a lot of users lose information because of a hack. Easy to recover/change passwords etc.

Also worth considering is that people tend to use the same passwords over different sites. Yahoo just had a billion accounts hacked.

If a major hack were to occur on apples side... a lot of people can be left with dead phones and lost memories.

Brute force isn't possible when an account is locked after a couple of tries. And you really can't compare the Yahoo incident or the Sony one from a couple of years ago with this case because that's completely different.

It's a difference if you illegally access a huge company's database with millions of logins, credit card data etc. or if you get into possession of ONE client's password. In 99% of the latter cases it absolutely cannot be considered as "hacking"!

This is just the wrong term. 99 out of 100 times it is carelessness of the user as I've described it.

InsoftUK · Aug 19, 2017

2FA is nothing but issue after issue, every time you log into your Apple ID you need your phone or other device handy to type in the number every single time, also iTunes Connect app didn't work until you disable 2FA then you have to re enable 2FA when finish using the app, what a mess

AZhappyjack · Aug 19, 2017

InsoftUK said:
2FA is nothing but issue after issue, every time you log into your Apple ID you need your phone or other device handy to type in the number every single time, also iTunes Connect app didn't work until you disable 2FA then you have to re enable 2FA when finish using the app, what a mess

I’m having zero issues with this ‘mess’. Needing a verified device when accessing your AppleID account from an unverified device IS THE WHOLE POINT of 2FA.

Search

Search

Apple ID hacked and phone bricked

PipForever

macrumors newbie

rctlr

macrumors 6502a

44267547

Cancelled

SteveJobzniak

macrumors 6502

Phil A.

Moderator emeritus

Gav2k

macrumors G3

PipForever

macrumors newbie

SteveJobzniak

macrumors 6502

jetsam

macrumors 65816

Rok73

macrumors 65816

kenmasters34

macrumors newbie

dennysanders

macrumors 6502

Goatllama

macrumors 6502a

Rok73

macrumors 65816

InsoftUK

macrumors member

AZhappyjack

Suspended

Our Staff