Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > misc.phone.mobile.iphone > #195031

Re: Everyone now has your login - which is the problem with Apple's dumb terminals

From Victor <victorheyne@notreal.org>
Newsgroups misc.phone.mobile.iphone, comp.sys.mac.system, comp.mobile.ipad
Subject Re: Everyone now has your login - which is the problem with Apple's dumb terminals
Date 2025-05-22 12:31 -0500
Organization To protect and to server
Message-ID <100nn28$bk17$1@paganini.bofh.team> (permalink)
References <100njk2$tko$1@nnrp.usenet.blueworldhosting.com> <100nkg4$3i436$1@dont-email.me> <100nljt$bhsu$1@paganini.bofh.team> <100nm1g$3i488$1@dont-email.me>

Cross-posted to 3 groups.

Show all headers | View raw

On Thu, 22 May 2025 10:14:24 -0700, Alan wrote:

> On 2025-05-22 10:07, Victor wrote:
>> On Thu, 22 May 2025 09:48:04 -0700, Alan wrote:
>> 
>>> 'Other logins included Facebook, Google, Instagram, Microsoft, and PayPal.'
>> 
>> None of those are ever required just to make the device work normally.
> 
> The point is that data hacks are widespread and don't say anything in 
> particular about any one company.
> 
> And beyond having an AppleID, you don't need to give it much personal 
> information.

When someone has your Apple ID and password, especially from a database
leak like the one mentioned in the 9to5Mac article, they gain access to a
significant portion of your digital life within the Apple ecosystem. This
is incredibly serious, and here's a breakdown of what they could get:

Direct Access to Your Apple Services and Data:

iCloud Data: This is a huge one. They can access:
Photos and Videos: All photos and videos stored in iCloud Photos.
iCloud Drive Files: Any documents, PDFs, or other files you've saved to
iCloud Drive.

iCloud Backups: Backups of your iPhone, iPad, and other Apple devices,
which can contain a vast amount of personal data (messages, app data,
health data, call history, etc.).
Contacts, Calendars, Notes, Reminders: All your synced personal
information.

iMessage and FaceTime History: Your communication records.
Health Data: If synced to iCloud.
Passwords (iCloud Keychain): While iCloud Keychain is encrypted, if they
can log in to your Apple ID on a new trusted device (which they could
attempt to do), they might gain access to your saved passwords for websites
and apps.

Purchases:
App Store and iTunes Store Purchases: They can see your purchase history
and potentially make new purchases using your saved payment methods.
Apple Pay: If your Apple ID is linked to Apple Pay, they might be able to
use your payment methods.

Find My:
Device Location: They can see the real-time location of all your Apple
devices (iPhone, iPad, Mac, Apple Watch, AirPods, AirTags).
Device Locking/Erasing: They could remotely lock your devices, display a
message, or even erase them, rendering them unusable to you.

Tracking You: They can track your location and the locations of people you
share your location with.

Messages and FaceTime: They can send and receive messages and make FaceTime
calls as you, potentially scamming your contacts.
Settings and Preferences: They can see and potentially change many of your
Apple ID and device settings.
Risks Beyond Direct Access:

Identity Theft: With access to your personal information (email, phone
numbers, birth date, payment info, even documents in iCloud Drive), they
could use this to attempt identity theft.
Financial Loss: Unauthorized purchases through the App Store, iTunes Store,
or Apple Pay.

Phishing and Scams: Knowing your Apple ID and password makes it easier for
them to craft highly convincing phishing attempts that could trick you into
revealing even more sensitive information (e.g., banking details, other
online account passwords).

Access to Other Accounts (Password Reuse): The 9to5Mac article explicitly
states that this database contained logins for various other services,
including Facebook, Google, Microsoft, banks, and government portals. If
you reuse your Apple ID password on other sites, those accounts are also
now severely compromised. This is why password reuse is a major security
risk.

Ransomware/Extortion: In extreme cases, they might lock your devices or
encrypt your data and demand a ransom.
What You Should Do IMMEDIATELY (if your Apple ID was part of a breach or
you suspect compromise):

Change your Apple ID password immediately. Make it strong, unique, and
long.
Enable Two-Factor Authentication (2FA) for your Apple ID if you haven't
already. This is critical! Even if they have your password, they won't be
able to log in without access to your trusted device to receive the
verification code.
Review your trusted devices in your Apple ID settings (Settings > [Your
Name] > Password & Security > Trusted Devices). Remove any devices you
don't recognize.
Check your account information: Verify your name, phone numbers, email
addresses, and payment methods are correct and haven't been altered by the
attacker.
Monitor your bank and credit card statements for any unauthorized
purchases.
Be vigilant for phishing attempts: Be extra cautious about any emails or
messages that appear to be from Apple or other services, especially if they
ask for personal information or direct you to click on links.
Consider using a password manager to generate and store strong, unique
passwords for all your online accounts, reducing the risk of password
reuse.
Use tools like Have I Been Pwned to check if your email addresses or phone
numbers have appeared in other data breaches.
The article emphasizes that the passwords were found in "plain text," which
is a nightmare scenario as it means the attackers don't even need to crack
or decrypt them. This underscores the severity of such a breach and the
importance of strong security practices.

Back to misc.phone.mobile.iphone | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Everyone now has your login - which is the problem with Apple's dumb terminals Marion <marion@facts.com> - 2025-05-22 16:33 +0000
  Re: Everyone now has your login - which is the problem with Apple's dumb terminals Alan <nuh-uh@nope.com> - 2025-05-22 09:48 -0700
    Re: Everyone now has your login - which is the problem with Apple's dumb terminals Victor <victorheyne@notreal.org> - 2025-05-22 12:07 -0500
      Re: Everyone now has your login - which is the problem with Apple's dumb terminals Alan <nuh-uh@nope.com> - 2025-05-22 10:14 -0700
        Re: Everyone now has your login - which is the problem with Apple's dumb terminals Victor <victorheyne@notreal.org> - 2025-05-22 12:31 -0500
          Re: Everyone now has your login - which is the problem with Apple's dumb terminals Alan <nuh-uh@nope.com> - 2025-05-22 11:50 -0700
    Re: Everyone now has your login - which is the problem with Apple's dumb terminals Victor <victorheyne@notreal.org> - 2025-05-22 12:17 -0500
  Re: Everyone now has your login - which is the problem with Apple's dumb terminals Joel <joelcrump@gmail.com> - 2025-05-22 13:38 -0400
    Re: Everyone now has your login - which is the problem with Apple's dumb terminals Marion <marion@facts.com> - 2025-05-22 17:48 +0000
      Re: Everyone now has your login - which is the problem with Apple's dumb terminals Joel <joelcrump@gmail.com> - 2025-05-22 14:25 -0400
        Re: Everyone now has your login - which is the problem with Apple's dumb terminals Marion <marion@facts.com> - 2025-05-22 19:48 +0000
          Re: Everyone now has your login - which is the problem with Apple's dumb terminals Joel <joelcrump@gmail.com> - 2025-05-22 15:53 -0400
            Re: Everyone now has your login - which is the problem with Apple's dumb terminals Marion <marion@facts.com> - 2025-05-22 20:02 +0000
              Re: Everyone now has your login - which is the problem with Apple's dumb terminals Joel <joelcrump@gmail.com> - 2025-05-22 16:34 -0400
                Re: Everyone now has your login - which is the problem with Apple's dumb terminals Marion <marion@facts.com> - 2025-05-22 22:22 +0000
  Re: Everyone now has your login.   No they don't. (was: Everyone now has your login - which is the problem with Apple's dumb terminals) Tyrone <none@none.none> - 2025-05-23 00:23 +0000
    Re: Everyone now has your login.   No they don't. Marion <marion@facts.com> - 2025-05-23 02:51 +0000
      Re: Everyone now has your login. No they don't. Alan <nuh-uh@nope.com> - 2025-05-22 20:18 -0700
      Re: Everyone now has your login.   No they don't. Tyrone <none@none.none> - 2025-05-23 22:29 +0000
        Re: Everyone now has your login.  No they don't. Chris <ithinkiam@gmail.com> - 2025-05-24 16:17 +0000
          Re: Everyone now has your login.  No they don't. Marion <marion@facts.com> - 2025-05-24 20:46 +0000
            Re: Everyone now has your login. No they don't. Alan <nuh-uh@nope.com> - 2025-05-24 14:34 -0700
  Re: Everyone now has your login - which is the problem with Apple's dumb terminals Jolly Roger <jollyroger@pobox.com> - 2025-05-23 18:07 +0000
    Re: Everyone now has your login - which is the problem with Apple's dumb terminals Marion <marion@facts.com> - 2025-05-23 18:38 +0000
      Re: Everyone now has your login - which is the problem with Apple's dumb terminals Alan <nuh-uh@nope.com> - 2025-05-23 12:10 -0700

csiph-web