I Think My MacBook Pro was Hacked
I have a MacBook Pro purchased new from Best Buy in 2012 and am running the latest version of OS X Maverick on it. I have never created a pin code to lock my computer.
Generally speaking, my computer sees average stay-at-home mom style use. I'm cautious about what websites I will visit, I'm not an idiot when it comes to opening suspicious emails, and I'm pretty good about creating strong passwords which I change regularly. I even recently began removing my saved credit card information from shopping websites.
On May 21, 2014, I opened my sleeping laptop at about 8:15pm. Here is a quick list of what happened, in order, as best as I can remember it.
- A small window popped up with a "Find My Apple Alert" on the screen. A green light was flashing and an alarm was going off.
- I x'ed out of that window.
- My computer shut down (turned off completely) on it's own.
- I went to find my husband.
- My computer turned back on and the screen was gray. It said, "Enter Your System Pincode to Unlock this Mac" and had four squares under it. Underneath that was a message that said "Contact me at Lukefirstname.lastname@example.org."
- I did nothing.
- My husband accused me of bringing this on myself from using coupon websites.
- I cursed at him.
- We both started Googling on our respective other devices (him on an iPad, me on my phone).
- We did not attempt to enter any digits to unlock the device because I know I've never set that up on this computer.
My Husband Calls Apple Support
- Apple Support gathers standard information including the serial number of the device, our names and Apple ID's, the necessary details, and the email address popping up on the screen.
- We are advised to try a pin code (just in case).
- We put in the one and only 4 digit number we'd ever use and it does not work.
- Apple Support looks up the email address showing on our screen and says it is not bringing up a connected Apple ID.
- We are told to make an appointment at an Apple Store, bring in the device and proof of purchase, and they can unlock it. (The nearest Apple store is an hour away and closed for the evening.)
Meanwhile, I Google The Name in the Email
My husband is convinced I've been hacked, much like what we're hearing about all of a sudden with the Olig Pliss hackers in Australia. I'm not convinced. I keep saying we should just contact the email and see what is going on. I assume this is some random crossing of Internet wires and completely explainable. (I'm so optimistic.) My husband doesn't want to do that yet.
The email address provided is clearly a person's first and last name and possible birth year. It is also a Yahoo account, which strikes me as odd and not hacker-ish, if that makes any sense at all. My thought is that this Luke person has lost his iPhone, sent out a "Find my Apple Alert" and somehow invisible Internet lines have picked up my computer instead of his phone. I have no scientific nor technological data to support this theory. But it seemed plausible. So I decide to Google the name in the email.
- The first thing that pops up on Google happens to be a Twitter handle. I follow it.
- The profile appears to be a high school kid who has tweeted something like 15,000 times.
- I start scrolling through his latest tweets.
- At 4pm that day he tweeted about how he had lost his phone.
- There are 6 tweets from 4pm until 8pm lamenting the lost or possibly stolen phone, pleas to borrow someone's old phone, and complaints of the cost of a new phone.
- I tweet directly to him and ask him if he is Lukeemail@example.com. No immediate response, though he has definitely tweeted in the last half hour (I guess you don't hit 15K by sporadically checking in to Twitter like I do).
- I send him a private message explaining in 140 characters about my locked computer with his email address popping up.
- He does not respond immediately.
- I send him a message to call me if he can get to another phone and leave my phone number.
- He writes, "Are you the Claire that is showing up on my iCloud?"
- I say, "Probably, yes."
- He writes, "How do you have my iCloud ID and password?"
- I write, "I've never even been on my own iCloud, I promise I've never knowingly been on yours."
- This goes on for a little bit because he believes I have stolen his phone and I believe he has hacked me.
- Apparently my device has shown up on his iCloud and his Apple Alert has picked it up. He sends me a screen shot of a map with a blue dot directly over my house.
- I tell him I do not have his phone, that I'm a stay at home mom of three kids and I just wanted to get on Pinterest that night. If he doesn't believe me, I tell him to Google me, "I have a blog."
- Finally he writes something to the effect of: "I'm going to take your word for it. This is so weird. Sorry if I freaked you out. I'm going to send you a pass code so you can unlock your computer and then delete your profile from my iCloud."
- I tell him thanks, that he has saved me a trip to Greensboro, and by the way, I have an extra AT&T iPhone he can have if he needs it.
- He declines the phone, thanks me, apologizes again, sends me a 4-digit code (which he obviously just created as it was 1-2-3-4), it unlocks my computer, and the problem is solved.
- While I'm waiting, I also find out that he lives in a neighborhood about four miles away from me.
- He then tells me I should back up my iCloud and change my password in case something got lost when he deleted my profile.
We Call Apple Support Back
My husband immediately calls Apple Support again, to explain the bizarre and lucky circumstances. We are pushed up the chain of command four times. No one has heard of such a thing happening ever.
I'm wondering if there is a glitch in the Apple iCloud that caused this kid to somehow get my Apple ID and device on his profile.
My husband thinks he might have been playing around and somehow actually tapped in to my Apple ID and maybe even surprised himself a little.
In the end, everything worked out. We're both feeling pretty lucky that if something like this had to happen, it came from a source who has Tweeted 15 thousand times and therefore had an immediate Google presence. I also feel like, living in this small town, at some point I will very likely meet this kid. I know people in his neighborhood. No doubt we have mutual contacts.
But given everything popping up in the news all of a sudden about Apple hacks, I am once again a little suspicious. Of course I've already changed all my passwords across every area of my technological life, but I can't help but believe that perhaps this wasn't an accident after all.
Would love to hear your thoughts in the comments.