Hackers using stolen iCloud credentials have been able to use Apple’ Find My Device features to remotely lock down computers and demand Bitcoin ransoms from affected users. However, that doesn’t mean Apple’s iCloud was hacked. Instead, hackers are likely trying their luck with some of the many available username and password combinations that resulted from recently publicized hacks.
As long as you don’t reuse passwords, and your iCloud login is distinct from any of your username and password combo that may have been affected by a recent hack, you are safe. Hackers won’t be able to log into your iCloud account and disable your Mac.
But there are users out there who don’t use this basic security feature — picking at least a different password for every online property you might own. As a result, hackers were able to lock down their devices, MacRumors reports.
As long as someone has access to your iCloud credentials, they can lock a Mac with a passcode even when two-factor authentication is turned on your account. That’s because an Apple user has to be able to search for an iPhone on a map in case it gets lost even if the iPhone is protected with two-factor authentication.
In case you have been affected by the issue, you should try contacting Apple support to for assistance.
In the future, you should rely on unique passwords and password management programs to safeguard your devices and online accounts, and change the passwords when one of those accounts is hacked.