Group of iPhone Users Had Their Apple IDs Locked and Were Forced to Reset Their Passwords
One of the bad things about the internet is the fact that you're never really completely in control of the situation. Even when your data is at stake, you're often at the mercy of a service provider who sometimes does things that don't seem terribly logical. Those of you who have had their information put in danger probably know that the feeling isn't particularly pleasant. On Tuesday, quite a few iPhone users got to experience it.
A wave of people took to social media and complained about being locked out of their Apple accounts. For no apparent reason, their iPhones just told them that their accounts had been locked "for security reasons" and that they must "verify their identity" if they want to use Apple's services. For reasons that will become apparent in a minute, we can't say how many people were affected exactly. Judging by the amount of attention the tweets and posts attracted, however, we can conclude that the number is not insignificant.
It could have been worse
Being locked out of their accounts meant that users had no other choice but to reset their passwords. Some reported problems with doing that, and a few complained about syncing issues after access to the account had been restored.
Overall, however, the whole thing was little more than a nuisance for most people, and they dealt with it rather quickly. Some even praised Apple for looking after its users by forcing them to go through all the trouble of changing their passwords. That being said, some people are ready to praise Apple for just about anything.
The sound of silence
Despite the lack of any real damage, many users were quite concerned. Their accounts were locked "for security reasons", and naturally enough, they wanted to know what had happened. Sadly, there was nobody to answer their questions.
Like all big, reputable companies, Apple has a social media account dedicated to helping people out when they have problems with their iDevices. Needless to say, many users turned to it when their Apple IDs got locked, and for what it's worth, the social media people did their job – they redirected users to a help page that tells them what they're supposed to do to get their accounts back. In many cases, however, people were turning to Apple's Support account not because they needed assistance, but because they wanted an explanation. All these pleas were ignored, and so were journalists' requests for comments. Apple, a company with close to 600 million users, decided that the best strategy in that case was to act as if nothing had happened.
As always, the lack of official information leads to a lot of speculation. Some discuss the possibility of the whole situation being caused by a large-scale credential stuffing attack. Others reckon that Apple might be trying to protect its customers from a massive phishing campaign. Others still think that it's just a bug in Apple's system.
Whatever the cause, the real problem here is not the lockout itself. There's no evidence of any data loss, and as we mentioned already, most people recovered quickly. The problem is Apple's unwillingness to communicate with users when things go wrong. People that own Apple accounts use them to host some pretty sensitive information. They have every right to know what's going on when it is threatened by someone. Hopefully, both Apple and the rest of the vendors offering this type of services will understand this sooner rather than later.