Last night a few users began reporting that their Apple IDs had been compromised, causing them to be locked out of their accounts. Recovering and password resets worked for a handful of Apple IDs, but it was still unclear overnight what might have been happening to cause the small breach in Apple's otherwise secure universal log-in system.

This morning speculation came to a close as third-party email client Spark confirmed that an upgrade to faster servers for iCloud users on the platform triggered the issue and forced password resets in a collection of Apple IDs. The company mentioned that it has been preparing to launch Spark for Mac, which was the reason for the faster server upgrade, but now promises that "there's NO breach or data leak" that users have to worry about.

spark mail picture
Readdle, the creators of Spark, reiterated what it tweeted out throughout the morning in a post on Reddit.

Hello guys,

Thank you for the feedback and comments! Our team has been investigating this for a few hours. What we know so far: 1. There's no breach or data leak according to our investigation. 2. The new, faster AWS server logic might have triggered iCloud security algos. We are already working with Apple to learn more details. We are doing some server side work to make Spark much faster, and to make it ready for the Mac version, which is already in Alpha. We will keep you updated once we have more news from Apple side.

Thank you.

As some users have noted, the security problem didn't hit all Spark users who use the service with their iCloud account. The company said that it's working with Apple to get the issue fixed as soon as possible, but it seems that users affected by the security lockouts need not worry about malicious attempts at entry into their private Apple ID at least. If Readdle posts any more updates on its fix for the problem, we'll update this story as well.

Tags: iCloud, Spark

Top Rated Comments

Max Portakabin Avatar
116 months ago
Breach or not, they could have at least apologised considering the inconvenience created in changing out your Apple ID password.
Score: 5 Votes (Like | Disagree)
dogslobber Avatar
116 months ago
I personally didn't think they stored them. I thought they just used my phone-stored password. Now that I know for a fact they store it off site, I'm much more upset.
"Accounts are added to Spark through OAuth where possible. Where OAuth is not supported we keep your account username and password on our secure servers. We then use the authorization provided to download your emails to our virtual servers and push to your device.
[...]
The safety and security of your information also depends on you. You should not share your email user name and password with anyone. If you find out that anyone has improperly obtained your login credentials and accesses your email account through Spark, you should immediately change your password. We are not responsible for such unauthorized access unless the access is our fault."


https://sparkmailapp.com/privacy

LOL. What a con. Apple should punt this app from the App Store.
Score: 3 Votes (Like | Disagree)
Rigby Avatar
116 months ago
It seems to me that, from the security perspective, it's just a bad idea to use an email service that inserts itself between you and the actual email provider, since they still have to store your password on their servers in case the email provider doesn't offer secure authentication via oauth tokens (which iCloud doesn't). This affects not only Spark, but also the Outlook mail app. This time it was apparently harmless, next time it could be a serious breach. And two-factor doesn't really help in case of iCloud, since you have to use an application password which is not protected ...
Score: 3 Votes (Like | Disagree)
Peepo Avatar
116 months ago
I thought Spark was better vs. Outlook in regards to not being in the middle storing passwords etc. Now that I hear this, I have removed it. I have had my account locked out twice this week.

With 2 factor authentication on iCloud, there should be no way Spark could permanently hack your iCloud account since you have to generate a one time password for it. But I still don't like that it locks accounts. Maybe after everything is fixed I'll give it another try.
Score: 3 Votes (Like | Disagree)
thebroz Avatar
116 months ago
Twice I was locked out in the past couple days. It might be time to ditch Spark. It's a major nuisance to change my Apple ID password because it affects a number of devices.
Score: 3 Votes (Like | Disagree)
coolfactor Avatar
116 months ago
It seems to me that, from the security perspective, it's just a bad idea to use an email service that inserts itself between you and the actual email provider, ...
Exactly. It raises so many questions.

* Since they are impersonating you, they need to keep your password stored, not a one-way hash of it. How securely are they storing it? Who has access to it at the company?
* How secure is the email storage on their servers? Do they have one giant database serving all users, and filter by ID, or separate, segregated databases for each user?
* Can technical problems at their end cause emails to be deleted unintentionally?

Email is far too important to me to introduce layers of complexity and uncertainty like that.

(@Runbox rocks for email, by the way.)
Score: 3 Votes (Like | Disagree)

Popular Stories

maxresdefault

Everything Apple Announced at WWDC 2025 in 10 Minutes

Monday June 9, 2025 5:21 pm PDT by
At today's WWDC 2025 keynote event, Apple unveiled a new design that will inform the next decade of iOS, iPadOS, and macOS development, so needless to say, it was a busy day. Apple also unveiled a ton of new features for the iPhone, an overhauled Spotlight interface for the Mac, and a ton of updates that make the iPad more like a Mac than ever before. Subscribe to the MacRumors YouTube channel ...
iPadOS 26 Apple Newsroom

Apple Says iPadOS 26 is Compatible With These iPad Models

Monday June 9, 2025 11:22 am PDT by
Apple today announced that iPadOS 26 will be compatible with the iPad models listed below. iPadOS 26 features a new Liquid Glass design, a menu bar, improved app windowing, and more. iPadOS 26 supports the following iPad models:iPad Pro (M4) iPad Pro 12.9-inch (3rd generation and later) iPad Pro 11-inch (1st generation and later) iPad Air (M2 and later) iPad Air (3rd generation and...
apple beta 26 lineup

Apple 'Sherlocked' These Apps at WWDC 2025

Wednesday June 11, 2025 7:14 am PDT by
Apple at WWDC previewed a bunch of new features coming in its updated operating systems, but certain changes will have been met with dismay by third-party developers who already offer apps with equivalent or similar features. In other words, their product has been "sherlocked" by Apple. When Apple creates an app or a feature that has functionality found in a third-party app, it is referred...
iPhone Car Key WWDC 2025

Apple Says These 13 Vehicle Brands Will Soon Offer iPhone Car Keys

Monday June 9, 2025 2:38 pm PDT by
In 2020, Apple added a digital car key feature to its Wallet app, allowing users to lock, unlock, and start a compatible vehicle with an iPhone or Apple Watch. The feature is currently offered by select automakers, including Audi, BMW, Hyundai, Kia, Genesis, Mercedes-Benz, Volvo, and a handful of others, and it is set to expand further. During its WWDC 2025 keynote today, Apple said that 13...
iOS 26 on Three iPhones

iOS 26 Includes These 100 New Features and Changes for Your iPhone

Tuesday June 10, 2025 11:59 am PDT by
Apple has announced iOS 26, and the upcoming software update includes a long list of new features and changes for iPhones. The first iOS 26 developer beta is now available, and a public beta will follow next month. The update will be released later this year. iOS 26 is compatible with the iPhone 11 and newer. Below, we have provided a high-level overview of 100 new features and changes ...
iOS 26 on Three iPhones

Hate iOS 26's Liquid Glass Design? Here's How to Tone It Down

Wednesday June 11, 2025 4:22 pm PDT by
iOS 26 features a whole new design material that Apple calls Liquid Glass, with a focus on transparency that lets the content on your display shine through the controls. If you're not a fan of the look, or are having trouble with readability, there is a step that you can take to make things more opaque without entirely losing out on the new look. Apple has multiple Accessibility options that ...
iOS 26 Screens

Here Are All the iOS 26 Features That Require iPhone 15 Pro or Newer

Thursday June 12, 2025 4:53 am PDT by
With iOS 26, Apple has introduced some major changes to the iPhone experience, headlined by the new Liquid Glass redesign that's available across all compatible devices. However, several of the update's features are exclusive to iPhone 15 Pro and iPhone 16 models, since they rely on Apple Intelligence. The following features are powered by on-device large language models and machine...
iphone 16 pro models 1

17 Reasons to Wait for the iPhone 17

Thursday June 12, 2025 8:58 am PDT by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we often get rumored features months ahead of launch. The iPhone 17 series is no different, and we already have a good idea of what to expect from Apple's 2025 smartphone lineup. If you skipped the iPhone...