On December 23, 2023, Michael Matthews, a manager from Minnesota, was traveling to Scottsdale, Arizona, when his iPhone was stolen by a pickpocket. What happened to Matthews after this incident became his worst nightmare, as outlined in the lawsuit he filed against Apple Inc. on Tuesday in federal court in San Francisco.
According to court documents, shortly after the theft, Matthews contacted the police in Scottsdale, but it was already too late. The thieves had managed to hack into his phone. Matthews doesn’t know how the thieves obtained his iPhone password, but he suspects that they had been observing him before, seeing the numbers he entered. Once the thieves gained access to his iPhone, they disabled Matthews’ remote access capabilities, then took over his Apple ID and iCloud account.
This meant that Matthews’ entire digital life was now in the hands of the thieves. This included 30 years of private and personal data, such as “social security numbers, passport information, credit cards, bank accounts, brokerage accounts, and all passwords to websites that Matthews had saved in iCloud Keychain, including work files, research, tax statements, photos, music, etc.” – as stated in the lawsuit.
The loss was much greater than just the materials on the phone. When the thieves gained control of Matthews’ Apple ID, they had access to all of his data on the Apple platform. Matthews’ attorney, K. Jon Breyer of Kutak Rock LLP in Minneapolis, explained that once inside the phone, the thieves “could use Apple Pay to buy anything they want. Apple connects with your other accounts. The passwords and usernames you save in the chain, they can use all of that to gain access to your various bank accounts or financial information.”
Breyer said that what created a nightmare for Matthews was the optional “recovery key” in the Apple operating system – a 28-character alphanumeric code that, if enabled, allows the owner to regain access to their accounts and data in Apple. That could have protected Matthews, but shortly after the thieves broke into the phone, they allegedly reset the recovery key. And once the recovery key was reset, only the thieves (and Apple) knew the new code. Breyer said, “The recovery key is an immensely powerful tool that hackers use. Apple has been aware of this security loophole for quite some time but has done nothing to fix it and, worse yet, refuses victims access to their accounts despite this loophole.”
FAQ:
1. When and where was Michael Matthews’ iPhone stolen?
Michael Matthews was traveling to Scottsdale, Arizona, on December 23, 2023, when his iPhone was stolen by a pickpocket.
2. What happened to Matthews after the theft?
After the theft, the thieves used his iPhone, took over his Apple ID, and gained access to iCloud.
3. How did the thieves obtain Matthews’ iPhone password?
It is unclear exactly how the thieves obtained Matthews’ iPhone password, but he suspects that the thieves were observing him when he entered his password.
4. What data was stolen from Matthews’ iPhone?
The thieves had access to Matthews’ private and personal data, including social security numbers, passport information, credit cards, bank accounts, brokerage accounts, and all passwords to websites that Matthews had saved in iCloud Keychain. The loss also included work files, research, tax statements, photos, and music.
5. What could the thieves do after taking over Matthews’ Apple ID?
After taking over the Apple ID, the thieves could use Apple Pay to make purchases and have access to other bank accounts and financial information of Matthews that were linked to his Apple account.
6. What was the recovery key used in the Apple operating system?
The optional recovery key in the Apple operating system is a 28-character alphanumeric code that allows the owner to regain access to their accounts and data in Apple in case of a forgotten password.
7. How did the thieves reset Matthews’ recovery key?
After breaking into the phone, the thieves allegedly reset the recovery key, which meant that only they (and Apple) knew the new code.
8. Was Apple aware of the recovery key issue before this theft occurred?
Matthews’ attorney claims that Apple was aware of the security loophole related to the recovery key but took no action to fix it and did not allow victims to regain access to their accounts despite knowing about the loophole.
Definitions:
– Pickpocket – a person who steals from someone’s pocket or bag.
– iCloud – an online data storage platform offered by Apple.
– Apple ID – the digital identity for Apple device users that enables access to Apple services.
– Apple Pay – a mobile payment system developed by Apple that allows users to make payments using their iPhone.
– Hacker – a person who gains unauthorized access to data or computer systems for the purpose of stealing information or causing harm.
– Recovery Key – a code that enables account and data recovery in the Apple operating system in case of a forgotten password.
Links:
– Apple Homepage
– Apple Support for iPhone