iMessage/FaceTime – Can Identities Be Hijacked on Public Wi-Fi?

facetimemacosmessagesSecurity

I'm logged in on "Joe's MacBook Pro" at a public Wi-Fi.

I get an alert window (apparently from no program in particular). It says:

Your Apple ID is now being used for iMessage and FaceTime on a new Mac.

If you recently signed into “Joe's MacBook Pro” you can ignore this notification.

What does this mean? I use several development tools (Emacs, …) but neither iMessage nor FaceTime.

I never use the same password twice as suggested as an answer to FaceTime hijacked, nor do I otherwise have a reason to believe my Apple (macOS or iCloud) account is compromised.

Is this a security risk? The message does not indicate what to do if I had not "recently signed into".

Please provide some back-up or reference for your answer, so as not to trigger extra caution when none is needed. The point is to understand what's happening, not to be prudent just to be on the safe side.

Best Answer

Yes, this may be a security risk. But it's unlikely that someone hijacked your Mac using Wi-Fi alone.

In order for you to receive this message someone needs to login with your Apple ID credentials with a device that supports FaceTime (iPhone, iPad, iPod touch, any Mac).

Change your Apple ID password

  1. Go to Manage Apple ID
  2. Log in with your Apple ID
  3. Go to Security > "Change Password..."
  4. Change your password
  5. Also turn on two-factor authentication if it isn't already

Check your Devices

  1. Go to Manage Apple ID
  2. Log in with your Apple ID
  3. Scroll down to My Devices
  4. Click any device that looks unfamiliar to you
  5. In the new window click the blue circle with an x to remove it.

You may need to sign in with your new Apple ID password on your other devices in order to use all iCloud services again.

Related Question