Apple Compensates Victim of iMessage Bug for Breach of Privacy

by

In December, an apparent bug appeared in Apple's iMessage service that allowed iMessages to be sent to a stolen iPhone. The messages can, apparently, continue to be sent and received from the stolen phone after a remote wipe and a SIM card deactivation. This is obviously an unintended action, and though Apple explains the solution to be "toggle iMessage on and off" in the Settings app, that is an impossible act to perform remotely on a stolen phone.

The Next Web today reports of the case of an anonymous Apple customer who had her iPhone stolen and the lengthy discussions she had with Apple afterwards.

imessage400
After her iPhone was stolen, Customer K had her SIM card deactivated. However, her friends told her that iMessages they sent continued to be delivered to the stolen iPhone because she hadn't invoked Find My iPhone's Remote Wipe feature. Apple's technical support personnel suggested a wide variety of solutions to prevent her messages from being sent to the other iPhone.

Suggestions to reset her Apple ID password, insert her SIM card into another iOS device, among others, made sense. One request, that she contact her friends and tell them to stop sending her iMessages, Customer K thought was completely unreasonable -- not to mention impractical.

Eventually, nearly 6 weeks after her phone was initially stolen, Apple did finally figure out a unique solution:

Apple was finally able to remotely push ‘code’ out to the stolen iPhone in order to make the problem stop. This was a result of an Apple Engineering Team weighing in on how to solve the issue.

After the problem was finally solved, the customer continued to push Apple on the issue of compensation and was directed to Apple's legal department. She informed Apple Legal that she was troubled by the length of time that it took to prevent the iMessages from going to the stolen phone and wanted compensation for the extensive breach of privacy.

Eventually, after a phone discussion with Apple legal, K was offered an iPod Touch as compensation for her trouble. Apple claimed it would give her a device with which to receive iMessages.

Apple has still not commented on the matter, but one theory is that the iMessage servers permanently link the UDID number of a particular handset to an Apple ID, so it knows what handset to deliver iMessages to. Messages continue to be sent to a stolen iPhone until iMessage is manually toggled on and off — a task that is impossible to perform on a stolen phone.

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Production Will Reportedly Begin Ramping Up in October

Tuesday July 23, 2024 2:00 pm PDT by
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Read Full Article68 comments
iPhone 17 Plus Feature

iPhone 17 Lineup Specs Detail Display Upgrade and New High-End Model

Monday July 22, 2024 4:33 am PDT by
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Read Full Article160 comments
Generic iPhone 17 Feature With Full Width Dynamic Island

Kuo: Ultra-Thin iPhone 17 to Feature A19 Chip, Single Rear Camera, Semi-Titanium Frame, and More

Wednesday July 24, 2024 9:06 am PDT by
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Read Full Article162 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Less Than Two Months Away: Everything We Know

Thursday July 25, 2024 5:43 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article130 comments
icloud private relay outage

iCloud Private Relay Experiencing Outage

Thursday July 25, 2024 3:18 pm PDT by
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Read Full Article80 comments
iPhone 17 Plus Feature Purple

iPhone 17 Rumored to Feature Mechanical Aperture

Tuesday July 23, 2024 9:32 am PDT by
Apple is planning to release at least one iPhone 17 model next year with mechanical aperture, according to a report published today by The Information. The mechanical system would allow users to adjust the size of the iPhone 17's aperture, which refers to the opening of the camera lens through which light enters. All existing iPhone camera lenses have fixed apertures, but some Android...
Read Full Article60 comments

Top Rated Comments

BanterClaus Avatar
BanterClaus
163 months ago
This needs fixing. A simple option on iCloud.com to unlink devices from your iMessages is what should be done in my opinion.
Score: 28 Votes (Like | Disagree)
kolax Avatar
kolax
163 months ago
Should have compensated her with a new iPhone instead of iPod touch. Or if she had already bought a new one, refunded what she paid with an Apple Gift Card.

"Here's an iPod touch so you can receive iMessages again, but don't lose it! We don't want to go through all this again!"
Score: 27 Votes (Like | Disagree)
Andronicus Avatar
Andronicus
163 months ago
I would've told them an iPad 2 can get iMessages too!
Score: 21 Votes (Like | Disagree)
ABernardoJr Avatar
ABernardoJr
163 months ago
I'm sick and tired of all these crybabies blaming others for their mistakes. Customer K lost her phone...boo hoo. Deal with it. Call your friends. Tell them you lost your phone and that you aren't receiving their messages. Get a new phone. Don't always try to make someone else responsible for your mistakes. Apple didn't lose your phone...you did. Compensation from Apple? You must be joking.
The phone was clearly stated to have been "stolen" quite a few times in the article. Should she have told the thief not to steal her phone? :confused: I don't imagine that going over particularly well.
Score: 18 Votes (Like | Disagree)
ski1ski1 Avatar
ski1ski1
163 months ago
this story makes absolutely no sense to me..




if her sim card is deactivated, that means her phone number is no longer associated with the sim card. how are messages being sent to the device?
Because unlike regular txt messages, iMessage is linked to the UDID of your phone, not not sim card. This is how it works even via wifi. The phone number or iTunes email address is used as an ID to send/receive iMessages. But there is a major design flaw. Apple uses to the sim card to verify the phone number for iMessage. But it only verifies the sim card upon initial iMessage activation. If the sim card is removed, deactivated, or replaced with a different sim, the Apple servers will still send iMessages to the phone via wifi. Or cellular data, if it has another valid sim card. Even one with a different number. This is because the iMessage phone number is linked on Apple's servers to the UDID of the phone, not the sim. This link on Apple's servers will remain until iMessage is manually deactivated in the phone's settings. Which is impossible if you lose your phone, or already sold it. Apple has known about this design flaw for over two months. I don't understand why Apple still has not fixed this major privacy issue.
Score: 18 Votes (Like | Disagree)
Maltz Avatar
Maltz
163 months ago
It's a slippery slope though, what if I sold my iPhone on craigslist, then file that police report?

Filing a false police report is a good way to end up in jail. Doing what you describe is a good way to get caught filing a false police report. lol
Score: 15 Votes (Like | Disagree)
Read All Comments