It’s shameful that Apple has asked its users to put so much trust in its cloud services, and not put better security mechanisms in place to protect them. AppleIDs are too easily reset, which effectively makes iCloud a data security nightmare. I’ve had person after person after person report similar instances to me, some providing documentation showing how easily their Apple accounts were compromised.
And due to Apple’s opacity, I have no way of knowing if things have improved. Apple has refused to tell me in what ways its policies weren’t followed “completely” in my case. Despite being an Apple user for nearly 20 years and having generally positive feelings toward the company, I no longer trust it to do the right thing in terms of protecting my data. I’ve turned off its Find My services and won’t turn them back on.
Amazon also had a glaring security flaw, and although it has fixed that exploit, the flaw’s mere existence should serve as a warning to all of us about all of our other accounts. We don’t often know what’s required to issue a password reset, or have someone get into our account through a company’s tech support system.
But hackers do.