Apple ID Password Reset: I woke up early this morning and, like millions of people, the first thing I did was check my iPhone for messages, weather reports, and news.
However, unlike every other day, I found myself logged out of my Apple ID and was asked not only to enter my password again but to change it to a new one. It seems I’m not alone.
Although Apple’s system status page doesn’t report any issues, that seems far from the truth of the matter. A quick look at social media is enough to realize that this is happening on a large scale.
My colleague Zak Doffman, who also contributes to the cybersecurity section of Keynote USA, tells me that the same thing happened to him.
How to New Apple ID Password Reset?
The issue appears to have started on Friday evening, April 26, with reports of users signing out of their Apple IDs. This is not device-specific and appears to be affecting users of iPhones, iPads, and MacBooks.
As a security-conscious person, I immediately thought something might be wrong, as there have been some recent attacks involving password resets.
However, as my colleague Kate O’Flaherty reported in March, these rely on a “bombardment” method of two-factor authentication, while the current situation is a simple “reset your password” with nothing else involved.
The 2FA bombardment attackers would follow up with a call posing as Apple Support, but I have not received such a call and have not read reports of anyone else receiving them either.
The issue also means that users will not only need to log back in on all devices but also reset all app-specific passwords.
Currently, it is not known if this is a bug or a security incident. I’ve asked Apple for a statement and will update this breaking news as soon as I have more information.
“When something comes out of the blue, like a password reset or one-time password request, it’s important to dig deeper and investigate wherever possible before following any prompts,” said Jake Moore, global cybersecurity advisor at ESET.
“It appears this is a genuine mistake as there are many people involved. Although it is annoying, it is usually a good idea to reset all connected devices and change the password from time to time or when a data breach has occurred. However, due diligence is vital when it comes to unsolicited notifications and MFA should be turned on by default for all accounts.
Keynote USA News
For Latest Apple News. Follow @Keynote USA News on Twitter Or Google News.
