Apple ID hacked – What can I do?


Illegal hacking and spyware use is constantly rising around the world. As organizations like the Coalition Against Stalkerware work to fight this global problem, one of the main weapons we have in our arsenal is education.

If you have ever wondered if your Apple ID has been hacked, then read on to discover the tell tale signs and what to do if you suspect that someone else is accessing your information without your permission.

It’s important to remember that Apple ID hacking isn’t the only way that someone could be snooping on your phone. There are many dedicated spyware operators who offer software that can hack and monitor an iPhone. If you suspect that your phone has been hacked in any way you can use a dedicated spyware detection tool, like Certo AntiSpy, to find out for sure.

Uncover spy apps with Certo

Concerned someone may have installed a hidden spy app directly on your device?

Run a deep scan with the award-winning Certo AntiSpy to uncover spyware and other cyber threats on iPhone.

How can someone gain access to your Apple ID?

Simply put, the hacker would have to know your Apple ID username and password and there are a variety of ways that they could find this information out:

Phishing attack: A phishing attack is a text or email that persuades you to click on a malicious link and prompts you to enter your credentials. There are a number of ways that these attacks give themselves away, and you can read our guide to spotting them here.

Hacking another device: If a hacker has gained access to another device of yours, for example a computer, tablet or other phone, they can use that to log keystrokes and steal your login data for your Apple ID, as well as any other login information you may use on that device.

You are the victim of a data breach: Data breaches are another alarming facet of the rise in malware, particularly ransomware targeting large organizations. If you use the same login information for multiple accounts, there is a much higher chance that these details will be leaked online. In 2019 and the first half of 2020, companies suffering data breaches included Poshmark,, CapitalOne, and even Facebook. You can read the full list here.

You know your hacker: Potentially the most worrying, if you have ever shared your credentials with anyone, or allowed them unsupervised access to your phone, they could be using this information to hack into your Apple ID.

What happens when someone hacks your Apple ID?

What can a hacker do once they’ve obtained Apple ID login credentials?

Many spyware providers offer a tailored version of their software that steals data from the cloud using the victim’s Apple ID and password.

Most iOS spyware relies on your phone being jailbroken to work, which requires access to the device and a little technical knowledge, so offering an alternative cloud solution (often called a ‘no-jailbreak’ solution) gives hackers a greater breadth of options when they are trying to stalk you or steal your personal information.

So how does it work? The hacker would give your Apple ID and password to the spyware provider, who would then use it to access your account and download a full backup of your phone onto their servers. This backup is then formatted for the hacker to easily access and read. The backup could potentially be refreshed every time your phone backs up to the cloud.

What else could a hacker do with your Apple account?

Alternatively, once a hacker has access to your Apple ID, they can use this to login to your account and access the information in the same way that you would. They could:

  • Read your emails and even send emails from your account if you have an iCloud address.
  • Access your contacts.
  • See your calendar entries.
  • View your photos and videos.
  • See any files saved to your iCloud drive.
  • Read your Notes.
  • If Find my iPhone is enabled, they can also access your GPS location in real time.

Another option would be to restore the most recent backup of your phone to a different device. This would allow them to see a full copy of your phone at the time of back-up, including messages, photos, contacts, and any other data available in the device backup stored in iCloud.

What are the limitations? Hacking an Apple ID gives someone a lot of information about you and your phone. However, it doesn’t allow them to listen in to your calls or turn on your camera or microphone to spy on you in real time. This requires the full version of many forms of spyware, like MobiStealth, ISpy or FlexiSpy. If this is something that you are worried about, check out Certo Antispy to scan your iPhone for spyware.

Award-winning spyware detection

Combat spyware and other cyber threats with Certo AntiSpy, the world's leading anti-spyware tool for iPhones.

How to tell if your Apple ID has been hacked

This form of hacking is particularly dangerous because it’s difficult to detect and gives the perpetrator a lot of insight into your activities. The data is all accessed directly from iCloud using your Apple ID and password and doesn’t install anything on your phone or rely on your phone to transfer the data. This means that the usual indicators for spyware like high data usage and a fast draining battery will not be present and you would need to obtain access logs from Apple to determine if your Apple ID has been hacked. Unfortunately, these are not readily available and you’d have to get in touch with Apple to request them and then analyze the data yourself.

Another way you can check without needing Apple’s permission would be to find out if two-factor authentication is enabled on your phone. If it is enabled then it would be impossible to hack your Apple ID, and you can relax. If it is not enabled, then you may have to dig further to find the answer.

Protect yourself from Apple ID hacking

If you know what to look out for and the tactics you can use to protect yourself, you should be able to avoid this type of hacking. Things you can do are:

Always use two-factor authentication with your Apple ID: If you have this feature enabled then even if someone discovers your password, they will not be able to access your account. Any attempts to login will trigger a unique code being sent to your device. This protects you and also alerts you if any attempts to log in are made.

Use a strong password: It should also be one that is different from all other online accounts. This is standard good practice for existing on the internet. If all your passwords are different, then a data breach will not open you up to hacking and fraud in the same way that it would if one password could unlock multiple accounts.

Only sync when necessary: There will be a lot of data on your phone that doesn’t always have to be synced to your iCloud such as your calendar, contacts, photos and notes.

Don’t back up: If you cannot or choose not to follow the steps above you can simply back up your phone to a trusted computer rather than to the cloud. This is not ideal as it will not automatically save your information and if you lose your phone between back-ups you could lose photos, messages and data that you would prefer to keep. However, a local back-up will prevent any hackers accessing your information in the cloud.

Hackers are always finding new ways to access your sensitive information. As hacking your Apple ID might not give them the level of access that they want, they are likely to try and install the full version of their chosen spyware on your device. If you have any suspicions about your phone, download Certo AntiSpy. Certo AntiSpy is the only iPhone spyware scanning tool on the market and can tell you if there is any malware on your device and therefore help protect you from hackers.