My traumatic Apple ID hack showed pitfalls of centralized identity
A breach of your Apple ID can leave you all but helpless to prevent attackers from poring over and stealing the contents of your life.
I was the target of a sophisticated breach of my Apple ID that caused a significant emotional and financial toll. My background as a tech entrepreneur meant I knew the importance of multi-factor authentication and the warning signs of SIM swaps and had precautions in place. Despite this vigilance, I fell victim to an audacious attack one January evening last year, painfully showing that it can happen to anyone.
I’ve had my Apple ID since it was invented. I’ve bought tens of thousands — maybe hundreds of thousands — of dollars worth of software, movies, TV shows, hardware. Suddenly, I was informed of 15,000 login attempts. It was literally “Boom, boom, boom.” I pressed “Don’t allow, don’t allow, don’t
Then, I was phoned by someone claiming to work for Apple technical support. They had in-depth information about how many devices I owned and when they were last used — even where the login attempts were coming from. A lot of unsuspecting victims would find this call credible, but something wasn’t sitting right with me. He said, “I’m going to send you a code” — and I replied, “I’m not going to give it to you.”
English
Arabic
Chinese (Simplified)
Dutch
French
German
Italian
Portuguese
Russian
Spanish