Hi Everyone I’d recommend you check your AppleID email address here : https://haveibeenpwned.com <https://haveibeenpwned.com/> and see if your login details have been exposed by any security breaches, if so, change your iCloud password immediately.
For example, let’s say I’ve got an AppleID of [email protected] <mailto:[email protected]>, password “Password1” (who’d do that right?) and I’ve also used that same combination for my Dropbox and LinkedIn login details, then been double silly and haven’t changed those login details in years. Dropbox was hacked in 2012, LinkedIn was also hacked. That particular password combination was exposed. “Credential Stuffing” is where some nefarious do-badder will take that combination and attempt to log into other services hoping I’d used the same login details on other services. A client called yesterday saying her Mac and iPad had been remotely locked via Find My iPhone. Someone had logged into her iCloud account and remote-locked her devices, with a message containing an email address, demanding bitcoin to unlock them. What of 2-Factor authentication you say? But Sam, It’s impossible to log into iCloud without receiving a code on your phone. Well, Find My iPhone (for obvious reasons if you’ve lost your phone) isn’t protected by 2FA, so you can log into it using just your username & password, then remote wipe and remote lock are easily available. The moral of the story, don’t use the same login details for multiple services and do change your passwords semi-regularly. Sam MacAmbulance Ltd. Providing Affordable Mac/PC Support and Web Development Sam Mullen +44 (0)7747778022 <tel://+447747778022> [email protected] <mailto:[email protected]> www.macambulance.co.uk <http://www.macambulance.co.uk/> MacAmbulance Ltd. is a registered company in England & Wales, registration number 8466597 This email is intended solely for the addressed recipients and may contain privileged or confidential information. If you have received this email in error please notify the sender and delete the email immediately. -- You received this message because you are subscribed to the Google Groups "Sussex Mac User Group" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send an email to [email protected]. Visit this group at https://groups.google.com/group/smug. For more options, visit https://groups.google.com/d/optout.
