If any of you get an email from mxyz_h-xx-xx@mac.com (unlikely, but I can’t guarantee it), it’s not from me so trash it immediately without looking at it.
3 Likes
Yikes! Hope you can get good support from Apple and can recover the account. Maybe it doesn’t matter at this point, but if you do plan on using that address in the future, you might want to edit the post and obfuscate the address a bit, so it doesn’t get spidered and spammed into oblivion.
2 Likes
Thanks. Done that. Apple helped me to get back to change the password, using my wife’s computer. I hope I haven’t lost anything important. I’ll increase the security on it further. Most of my passwords are not stored on iCloud, a few are so I’ll change those.
1 Like
Were you using 2-factor authorisation?
1 Like
Yes, I thought so, ‘cos I used to get an alert on another machine, but when I tried to log in to change the password, it didn’t accept the existing one.
I have 2-factor turned on but it makes me think I ought to beef up my security in some way although I’m not really sure what else I can do.
I don’t keep passwords on iCloud so that’s not a problem.
Do you know for sure it was “hacked”, e.g. some other entity got your password and changed it? Or was it a flaw of some sort at Apple which was not accepting the password? (That being asked, I guess Apple would never say).
Definitely hacked, and I know how it came to be hacked… a sudden email from an old friend. I smelled a rat too late; their email had been hacked!
1 Like
What happened after receiving this email? Did you execute any code or entered data on a dubious website?
2 Likes
I answered it before I smelled the rat!
So, you gave away sensitive information? Just trying to understand what went wrong.
Just my iCloud email address, from which it took whoever a week to get the password. But I’ve got two-factor authentication on it, and I’ll look into further security.
Weird. If I understand this correctly, your reply didn’t really help the attacker (just not receiving an error message for an invalid address also confirms: “yes, that one is actually in use”). 
All I can add is that I couldn’t log in to my iCloud account after I received the hacker’s email, but Apple helped me with resetting passwords.
Mmm …
I wondered if it was something to do with this:
1 Like
Your post reminds me that AFAIK we never did get an explanation from Apple of why this happened.
That said, I did change my AppleID password without any apparent malign effects, although the volume of spam I get on that account has remained constant.
My iPhone is set to receive the 2-factor codes and I have set a Sim pin to prevent any iPhone thief from simply swapping the Sim card. I would use something like Authy for generating one time codes if I could get it to work with iCloud.
No, we did not. 
I thought iCloud could generate 2FA codes. Does that not work for you?
In my case, it wasn’t that, or else it just happened at the same time as the hacker’s email.
It does but they go to the iPhone. Arguably it’s little different to using Authy, since Authy is now only available on Android and iPhone since they’ve dropped the desktop version.
I do have a sim pin to prevent anyone who nicks the iPhone from simply swapping the sim to another phone and getting 2FA codes that way.
Could it be a coincidence?