My friend recently got hacked, and the attacker changed the verification phone number linked to her iCloud account. Now she can't log in because when she tries to recover her password on iforgot.apple.com, it requests multi-factor authentication (MFA) to the attacker's phone number. Since that number is no longer under her control, she's stuck. Does anyone have suggestions to help her regain access?
1 Answer
If the attacker has added their own trusted number to the account and removed your friend's original number, recovery can be really tough. The best step now is to ensure that any payment info linked to her account is removed and warn her contacts not to respond to any Apple Cash requests that might come from this compromised account.
Got it! But what do you mean by "Apple Cash requests"? Also, how could the attacker have changed the phone number? Did they need access to text messages or her email? I’m not sure if they wiped her devices, but could they still do that? I'm also worried about the linked cards if they used Apple's payment system. Are those still at risk?