How can I determine if my Apple Account is compromised?

Question

How can I determine if my Apple Account is compromised?

How can I determine which devices have accessed my Apple ID and any specific information about which device, and where, was used to change my Apple ID password?

I recently tried to login to the App Store. My password did not work. After using my passcode to login to the AppleID site, I saw that my password was changed on December 4, 2024. I have no recollection of changing my password. And given how long it took me to change it again today, I think I would remember this. I checked my e-mail addresses, including junk folders and trash folders and I have no e-mails notifying me of a password change on or around December 4.

If I were sloppy about security, then this would not be so concerning. However:

I use a password manager so I have a lengthy, unique password for every account.
My Apple ID is linked only to my phone and my watch. Both are always in my possession.
I have not left town or used any public wifi in several months.
I update my iOS promptly when updates are released.
I don't have any shady apps or visit any shady websites; my apps are banking, news, and a handful of merchants who I buy from regularly (Target, GNC, etc). Whenever two/multi-factor authentication are available, I use them.
I have not had any alerts or other indications of fraudulent activity in any other accounts (e-mail and banking)
I never click links in e-mails, even when they look legitimate. I go to the website.
If doing a web search, I don't click on a website in the search result that I don't trust. I never click on ads.

[Re-Titled By Moderator]

iPhone 14 Pro Max, iOS 18

Posted on Jan 19, 2025 12:18 PM

Reply

Answer 1

Seallbay

Level 5

5,773 points

Jan 20, 2025 11:53 AM in response to IsAppShortForApple

Hi! First of all, I love your username :D

Second, you can view which devices are currently signed into your Apple Account: Check your Apple Account device list to find where you’re signed in - Apple Support, but I don't believe there is a way to view login history.

It sounds like you're already doing all the right things. I would also recommend enabling two-factor authentication for your Apple Account if it isn't already: Two-factor authentication for Apple Account - Apple Support

Reply

Answer 2

Jan 22, 2025 12:47 PM in response to IsAppShortForApple

Mystery solved. Well, kind of.

How did the password change? On the date in question, December 4, my wife created a new Apple user ID on my old iPhone X. I was going to give this phone to my parents. However, they had already upgraded. So it sat in a cupboard, with the battery dead, for months. On December 4, she found it and decided to use it for work. When creating a new User ID, she somehow reset my password.

Why did I not get any notification via text or e-mail? I cannot figure this out. When I updated the password a couple of days ago to resolve this issue, I got e-mail alerts. I did not on December 4. When I checked, my inbox, junk folder, and delete folder still had e-mails stretching back to November. I did not receive an e-mail about the password change. I did not receive a text. The only type of notice I got was an alert on my phone saying that an Apple Watch now had access to my iMessage. This was odd because my watch was already connected to my account and phone. Maybe my wife's watch temporarily had access. But I don't think it was in my device list as one that had access.

Whatever the case, I have not had any unusual activity in any other accounts. No odd credit card charges. No unknown banking transactions. No known logins to any other accounts. I already had freezes in place on my credit and there were no inquires. So, I guess all is well. I just wish I would have received an alert when the password changed. That seems like a problem.

Reply

How can I determine if my Apple Account is compromised?

Similar questions