Ryan Toohil has a BS in Computer Engineering from Virginia Tech and holds multiple patents in the web services domain. As the CTO at Aura, he leads the platform, information security, and corporate IT teams.
Jory MacKay is a writer and award-winning editor with over a decade of experience for online and print publications. He has a bachelor's degree in journalism from the University of Victoria and a passion for helping people identify and avoid fraud.
When Domenic Iacovone got the phone call, he thought he was protecting his Apple ID. But it wasn’t a call from Apple support — it was a scammer on the other end of the line [*].
Within minutes, the hacker had taken over Iacovone’s Apple ID and made off with $650,000 in cryptocurrency assets by using recovery keys stored in Iacovone’s iCloud backups.
Apple ID attacks are more common than you may think. Account takeover fraud increased by 131% [*] in the first half of 2022.
For years, Apple has ranked among the top 10 brands that hackers impersonate [*].
Some of the worst celebrity hacks of all time have targeted Apple IDs because they provide access to so much of our digital lives.
If you think your Apple ID might have been hacked, you need to act quickly. In this guide, we’ll explain how your Apple ID gets hacked, the warning signs to look out for, and how to secure your account from scammers.
{{show-toc}}
How Can Your Apple ID Get Hacked? What Do Hackers Do With It?
Your Apple ID is the username and password associated with your Apple account. It’s used to verify your identity across Apple devices — like your iPhone, iPad, or Mac.
With control of your Apple ID, hackers can see your personal information and track your location — as well as the locations of your connected friends — along with the locations of your devices (including AirPods and AirTags).
They can see iCloud content, including photos and crypto wallet backups. They can scam your friends by posing as you. And they can access your saved payment methods, including credit cards and Apple Pay.
Technically, no Apple ID has ever been “hacked” (as Apple’s servers themselves haven’t been compromised at the time of this writing).
But there are several ways for scammers to take over your account, including:
Someone who knows your password used it without your permission.
You use your Apple ID password on another account that was hacked. (To find out if this is the case, run a Dark Web scan to view breached passwords associated with your email.)
You clink on a link or visit a fake website in a fake Apple phishing email.
Scammers trick you into giving them your password or one-time security code.
Hackers infiltrated your email account and used it to initiate a password reset.
You entered your login information on a fraudulent website or fake “Sign in with Apple” prompt.
Cybercriminals have switched your phone number to a device that they own via SIM swapping.
🛡 Secure your digital life with award-winning protection. Aura’s all-in-one digital security solution has been rated #1 by Money.com, Forbes, Tech Radar, USA Today, and more. Try Aura free for 14 days and safeguard yourself against hackers.
How To Tell If Your Apple ID was Hacked: 8 Warning Signs
Once hackers log in to your Apple account, they work quickly to take control. Here are some common warning signs that your account may be compromised.
Your Apple ID password stops working.
Your device is locked or was put into “Lost Mode.”
You see files, apps, photos, or messages that you don’t recognize stored in iCloud or anywhere on your device.
You get an email from Apple saying that someone logged in to your account on a new device.
You’re notified that the email or phone number associated with your account was changed.
You’re notified that your password was changed.
You see receipts or confirmations of unfamiliar charges from the App Store or iTunes store.
Your account details are different or altered — such as an unfamiliar name or billing address.
If you suspect your Apple ID has been hacked, act quickly. Here are the steps to take as soon as you believe your account has been compromised.
{{scam-survey}}
1. Try signing in to your Apple ID
One of the first things hackers do when they gain access to an account is change the password to lock out the original owner. At the first sign of hacking, try to log in to your account to see if you still have access.
If you can’t log in, it could mean someone else has changed the login information to claim control of your account, and you should move to step two.
Here’s what to do:
On a device you own with a secure internet connection, go to appleid.apple.com or icloud.com. Click “Sign In” and enter your email address and password.
If you can log in successfully to your Apple ID account page, move to step three to set a new password and protect your account.
If you can’t log in or get a notification that the account is locked, follow the instructions in step two to reset your password and regain control of your account.
If you can’t log in to your Apple ID using your current password and don’t have access to a signed-in device, you’ll need to initiate a password reset. You can do this on a borrowed device or on the web.
Here’s what to do:
On a borrowed iOS device: Download and open the Apple Support app. Tap “Reset Password,” then select “A different Apple ID” and “Continue.” Follow the instructions to reset the account.
Online: Visitiforgot.apple.com and follow the instructions to reset your account. This option takes the longest — so only use it if you don’t have a trusted device nearby.
Apple Support: If you still cannot regain control of your account, contact Apple.
Get a new Apple ID: If you’re unable to regain control of your account, the only remaining solution may be to get a new Apple ID.
3. Change your Apple ID password
Once you log in to your Apple ID account, you should change the password immediately. This will lock out any hackers who also have access to your account.
Choose a strong, unique new password that you aren’t using anywhere else. It should be at least 12 characters long and include uppercase and lowercase letters, numbers, and symbols.
Here’s what to do:
On an Apple device you own: Open the Settings app and click or tap on your name, then “Password & Security,” then “Change Password.” Enter your Mac account password (passcode for iOS devices), and then create a new password for your Apple ID.
On the web: Go toappleid.apple.comand sign in. Go to Sign-In and Security > Password and enter a new password. Check the box to sign out current devices.
4. Set up two-factor authentication (2FA) on your Apple ID
By default, your Apple ID is protected with security questions. You can improve the security of your account by setting up two-factor authentication, which requires a one-time passcode from a separate device in addition to your username and password.
Here’s what to do:
On a Mac: Open System Settings (or System Preferences), click on your name > Password & Security > Two-Factor Authentication to set it up.
On an iOS device: Open the Settings app, tap your name > Password & Security > Two-Factor Authentication and follow the steps.
On the web: Go to appleid.apple.com and sign in to your account. When you’re prompted to upgrade account security, click on “continue” and follow the instructions.
If you don’t have a trusted device with you: You can tap “Didn’t Get a Code” to receive a text message sent to one of your saved phone numbers.
5. Check your Apple ID device list and remove unrecognized devices
If you believe someone else has logged in to your Apple account, you should look at all devices that are signed in. If someone has used your Apple ID on another device, remove it from your account.
Here’s what to do:
On an Apple device: Open the “Settings” app, click or tap on your name, and scroll to the bottom to see a list of devices on which you’re signed in.
On a Windows PC: Open iCloud for Windows > Manage Apple ID to see registered devices.
On the web: Sign in to appleid.apple.com and select “Devices.”
Click or tap on any devices that you don’t recognize. For any devices that aren’t yours, click “Remove from Account.” You may need to answer security questions to access some device information.
{{hacker-view-widget}}
6. Review and update your account’s personal information
One of the first steps that hackers take upon infiltrating your account is to change your account information. By adding alternate emails or phone numbers, they can access iMessage and other areas of your account — even once you retake control.
Here’s what to do:
Go to the Settings app > Your Name > Name, Phone, Email.
Verify that all information is correct, and update as necessary. This includes your name, birthdate, phone numbers, and email addresses.
Only you should have access to your Apple ID. Anyone who has it can take over your Apple devices, view all content in iCloud, make purchases in the App Store or iTunes Store, and even use the “Find My” app to locate you and your devices.
Here’s what to do:
Make sure every device you use is associated with your Apple ID — and only your Apple ID. You can see this information in the “Settings” app.
If you’ve ever shared your login information with someone else, change your password.
Make sure you can still access all associated email addresses and phone numbers. If you don’t have access, remove them from your account.
See if your password has been leaked to the Dark Web using Aura’s free Dark Web scanner.
If your Apple ID has been compromised, this could be a warning sign of other kinds of identity theft. Look out for common signs of identity theft and stay vigilant to protect yourself.
Here’s what to do:
Run a Dark Web scan to see if your personally identifiable information (PII) has been leaked online.
Review your email for notifications of login attempts on other accounts, like Facebook or Gmail.
Review your financial accounts, including bank and credit card statements, for activities that you don’t recognize.
Request a copy of your credit report at AnnualCreditReport.com and look for credit inquiries you don’t recognize.
9. Consider signing up for a digital security solution
Your Apple ID is more than just the password to your iCloud account – it’s a key to your digital life.
Your Apple ID gives hackers access to your devices, personal data, geographic location, payment methods, and more. But protecting your Apple ID — and the rest of your online identity — can be a full-time job.
Here’s how Aura keeps you safe online:
Secure password manager with leaked password alerts. Aura stores all of your account passwords in a secure place and warns you if they’ve been compromised in a data breach.
Powerful antivirus software and a military-grade virtual private network (VPN). Aura’s digital security tools protect your devices and networks from hackers. You’ll even get warned if you’re entering a phishing site.
Top-rated identity theft protection. Aura constantly monitors your most sensitive information — including your Social Security number (SSN), name, address, and more — and alerts you in near real-time if your data is being used by criminals.
Credit, bank, and investment account monitoring and 4x faster fraud alerts. Aura keeps your finances safe by monitoring your credit across all three bureaus (Experian, Equifax, and TransUnion), and warns you of suspicious transactions and activity.
$1,000,000 insurance for eligible losses due to identity theft. If the worst should happen, you get 24/7 access to U.S.-based Fraud Remediation Specialists as well as $1 million in insurance coverage for stolen funds and other eligible losses.
🥇 Get award-winning protection — for free. Get access to all of Aura’s features free for 14 days →
How To Secure Your Apple ID and Your Entire Digital Life
The biggest vulnerability of your Apple ID — and your entire life online — is your day-to-day cyber hygiene. Nearly all Apple ID hacks happen because people either haven’t secured their login information or unwittingly share it with scammers.
How you protect your accounts, safeguard your information, and monitor threats and potential phishing attacks are the most important factors in maintaining your digital security.
To protect your Apple ID and other accounts, take these important steps:
Use unique, strong passwords. Passwords are your first and sometimes only defense. Create passwords that are 12 to 15 characters long and include numbers, symbols, and upper- and lower-case letters. Never use the same password for more than one account.
Set up two-factor authentication. Set up 2FA on every account that offers it. Research from Microsoft shows that 2FA can block over 99.9% of account compromise attacks [*].
Don’t respond to messages from unknown senders. Ignore text messages, emails, phone calls, and voicemails from numbers or email addresses that you don’t recognize or that use fear tactics. Forward Apple phishing emails and other suspicious messages to reportphishing@apple.com.
Use antivirus software. This will scan your device for programs that could harm your computer.
Keep software up to date. Outdated operating systems and apps can be vulnerable to hacking, so keep them updated and enable automatic updates whenever possible.
Your Apple ID is an integral key to your digital life. Keeping your identity safe can be challenging, but it doesn’t have to be. Aura helps protect you and your family online and has your back 24/7 if the worst should happen.
Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.
Is this article helpful so far?
Yes
No
Skip
Need an action plan?
What online threat do you need help with today?
Is your child ready for a cell phone? Take this quiz to find out.