Over a period of few days, there has been news of several Mac users getting locked out of their machines after hackers signed into their iCloud accounts and initiated a remote lock using the Find My iPhone feature.
With access to an iCloud user’s username and password , the hackers can remotely activate the Find My iPhone on icloud.com which locks the Mac with a passcode, even with two-factor authentication turned on, and that is what is going on here.
Apple allows users to access their Find My iPhone feature without requiring two-factor authentication in case a person’s only trusted device has gone missing.
Affected users who have had their iCloud accounts hacked are receiving messages demanding money for the passcode to unlock a locked Mac device.
The usernames and passwords of the iCloud accounts affected by this “hack” were likely found through various site data breaches and have not been acquired through breaching Apple’s servers.
Users who have been impacted were most likely using the same email addresses, account names, and passwords for multiple accounts, allowing people with malicious intent to figure out their iCloud details.
To avoid an issue like this, Apple users should change their Apple ID passwords, enable two-factor authentication, and never use the same password twice. Passwords like 1Password, LastPass, and even Apple’s own iCloud keychain are ideal ways to generate and store new passwords for each and every website.
Impacted users who have had their Macs unlocked will need to get in contact with Apple Support for assistance with removing the Find My iPhone lock.
