Compromised Apple Gift Card Leads to Apple Account Lockout (tidbits.com)
- Reference: 0180418591
- News link: https://apple.slashdot.org/story/25/12/18/2058222/compromised-apple-gift-card-leads-to-apple-account-lockout
- Source link: https://tidbits.com/2025/12/17/compromised-apple-gift-card-leads-to-apple-account-lockout/
> After attempting to redeem a $500 Apple Gift Card purchased from a well-known retailer, Apple developer, author, and [2]/dev/world conference organizer Paris Buttfield-Addison found himself locked out of his Apple Account. He [3]writes : "I am writing this as a desperate measure. After nearly 30 years as a loyal customer, authoring technical books on Apple's own programming languages (Objective-C and Swift), and spending tens upon tens upon tens of thousands of dollars on devices, apps, conferences, and services, I have been locked out of my personal and professional digital life with no explanation and no recourse."
>
> As far as I can tell from his [4]extensively documented story , Buttfield-Addison did nothing wrong. Personally, I wouldn't have purchased an Apple Gift Card to pay for Apple services -- he planned to use it to pay for his 6 TB iCloud+ storage plan. I presume he bought it at a discount, making the hassle worthwhile compared to simply paying with a credit card. But I have received Apple Gift Cards as thank-yous or gifts several times, so I can easily imagine accidentally trying to redeem a compromised card number and ending up in this situation. [...] For now, we can hope that ongoing media attention pushes Apple to unlock Buttfield-Addison's account. More troublingly, if this can happen to such a high-profile Apple user, I have to assume it also afflicts everyday users who lack the media reach to garner coverage.
[1] https://tidbits.com/2025/12/17/compromised-apple-gift-card-leads-to-apple-account-lockout/
[2] https://devworld.au/index.php
[3] https://hey.paris/posts/appleid/
[4] https://hey.paris/posts/appleid/
Don't Buy Apple Gift Cards (Score:3)
Lesson Learned. I will never buy Apple Gift cards. i wouldn't want to risk using one, or run the embarassment of giving one. thank you for that clarification, Apple.
Re:Don't Buy Apple Gift Cards (Score:5, Insightful)
The lesson is don't ever use an ecosystem where all your software, music, and book purchases, your hardware itself, and even your access to your professional life, tools, and means of communication can all be erased instantly with zero recourse.
The lesson here is not "avoid Apple gift cards"
Its "avoid Apple"
Pick your poison (Score:3)
The problem with this is that google is often the alternative and can be just as bad.
There's a documented case out there where during COVID, when doctor's offices were mostly shut down, where the parents ended up taking a picture of the baby's rash (yes, in that area), and emailing it to the doctor's office.
Somehow Google's automated child porn detection systems flagged this, it was reported to the police who opened an investigation, then closed the file when it was realized that: 1. It was sent to a pediat
Re: Pick your poison (Score:2)
> The problem with this is that google is often the alternative and can be just as bad.
I mostly use proton. Even if they kill off my account, I still have offline backups. I also own my email domain, so I won't lose my email address either, unless my registrar decides to do something they're not legally allowed to do.
Do you pay? Yeah. You pay with Google and Apple too, whether you realize it or not. But unlike them, proton gives you an honest price, and you, not them, hold all of the keys. Literally.
Re: (Score:2)
> The problem with this is that google is often the alternative and can be just as bad.
> There's a documented case out there where during COVID, when doctor's offices were mostly shut down, where the parents ended up taking a picture of the baby's rash (yes, in that area), and emailing it to the doctor's office.
> Somehow Google's automated child porn detection systems flagged this, it was reported to the police who opened an investigation, then closed the file when it was realized that: 1. It was sent to a pediatrician office, 2. Yes, baby had a rash, 3. It was COVID, so office working remotely. This worked long enough for the family to get the appropriate cream for the baby, but google also closed down the man's accounts and marked him as a nasty banned pedophile.
> I never did hear if he got that resolved.
Didn't Apple try something similar with their cloud photos? IIRC they were going to scan all of them for CP but the outcry from parents made them walk back the decision.
Re: (Score:2)
Google is not the alternative. Unfortunately the alternative, selecting systems where your data isn't in the hands of third parties, is intentionally being made hard, and people don't want to do it.
Re: (Score:2)
The lesson is to make backups. I am personally very surprised that such a technically competent person would be "locked out of his professional and personal life without recourse" meaning he never though backing up his contents, even to a simple USB drive.
Also I would argue the lesson "Avoid Apple" doesn't apply to him, he had to choose a field where his competences made him a livelihood. It's like developers who publish apps on Apple App Store because they sell well, not because they love Apple.
Re: (Score:3)
This is every company that uses any kind of automated system for this sort of problem. Pray you never set off any of Google's automated systems because the odds of getting that fixed are just as bad.
Companies should take this more seriously as there's nothing stopping a bad actor from intentionally inflicting these sort of problems to damage the company's reputation. If someone could make enough money shorting stocks to take advantage of bad publicity around the problem there's sufficient incentive to en
Re: (Score:2)
> This is every company that uses any kind of automated system for this sort of problem. Pray you never set off any of Google's automated systems because the odds of getting that fixed are just as bad.
> Companies should take this more seriously as there's nothing stopping a bad actor from intentionally inflicting these sort of problems to damage the company's reputation. If someone could make enough money shorting stocks to take advantage of bad publicity around the problem there's sufficient incentive to engage in it.
Agreed. If I were dictator of the world, I would mandate that any online business with more than some number of users would be required to have physical office. So if a user's account got cancelled, as a last resort that user could physically go to the office with their physical ID and get it fixed.
Yes, this would mean that some online businesses were no longer profitable. I still think it's worth it. Especially compared to the systems we have at present where the user uploads selfies and pictures of their
Re: (Score:1)
So you would be prepared to fly to Tasmania and take the donkey caravan to the remote village where their office is located to deal with this matter?
No?
What about if the shoe is on the other foot... what should the chap who lives in that remote village do if he needs assistance from a physical office in New York City?
Live by the closed-source walled garden... (Score:2)
... die by the closed-source walled garden. If you make Apple your legal guardian, don't cry when Mommy gets mad at you and takes away your toy.
Something doesn’t add up. (Score:2)
Seems fishy, why not out the retailer? They say it’s a major one. Assuming that is the case, wouldn’t involving them be prudent. I feel we are not getting the full story here.
Re: (Score:2)
I agree. How was the card compromised and by whom? It appears that the innocent bystander is getting punished, while the guilty parties walk away without any consequences.
Re: (Score:2)
> I feel we are not getting the full story here.
I'm no financial adviser, yet it seems like a rectifiable conundrum for a fellow earning that far above the poverty line.
"I'm not sure what happened, but here's $500 to cover the damages until we figure out what happened."
Maybe righteousness got in the way?
Re: (Score:2)
Apple Gift Card fraud is a well known issue. Even the official response from Apple implied the entire supply chain was compromised.
There are no surprises here, this is not an uncommon occurrence, and this instance of it is well documented.
There is nothing here that "doesn't add up" other than your personal discomfort at anyone questioning the sacred Apple. Apple is Mother. Apple is father.
Re: (Score:2)
It seems like there needs to be a lawsuit initiated against Apple and the retailer for the full value of that account.
If my name was Buttfield (Score:2)
I would change it to Sir Buttfield.
Bought a card with the code already scratched off? (Score:2)
When you buy a gift card, a diligent purchaser will ensure that the scratch-off part isn't already scratched off.
No mention of any of this is suspicious.
Australian Consumer Law may help or get him an ful (Score:2)
Australian Consumer Law may help or get him an full refund
Re: (Score:1)
He will get a refund because Australia have great consumer protection against transaction fraud. But his account is gone. And therefore his devices. And we don't have any recourse to recover accounts that have been locked out over BS issues like this.
Amazon does the same thing (Score:2)
Even if you buy the gift cards from Amazon, they will quite often lock your account if you use them on electronics, or anything really popular. It is an incredibly dumb system.
How does it feel? (Score:2)
To be Apple's bitch?
This happens to everyone on every ecosphere (Score:1)
I see people saying this is an Apple problem. It's not. Automated systems and having no recourse is the problem. I've lost a Google account because I could not authenticate using another device -- password and recovery phone number not enough to get my account back. I've got clients that have lost Apple, Google, Facebook and Microsoft accounts. And there is no recourse! These companies are not accountable to anyone!
Doesn't matter what Apple does (Score:5, Insightful)
They can make an exception for him because he is such a big player. They can make an exception for him because he went viral.
The thousands of others this happens to on a regular basis are still locked out, and no one is coming to save them.
Re: Doesn't matter what Apple does (Score:2)
I dunno, Apple thinks they have enough clout to blatantly lie to a federal judge and ignore an injunction without consequence. What chance do you think this guy has?
Re: (Score:2)
I think the point of the OP wasn't to assess if this guy has a chance, but stating that this guy can try his luck but whatever the outcome, the chances for regular folks are infinitely less.
Re: (Score:2)
It's an area of law the could do with seeing clarification. If stuff like this happens you should be due a refund on your bricked hardware, lost app purchases, lost media etc. It's particularly bad with consoles and Steam, where you can lose many years, even decades of purchases due to an error on their end.
Same when the mandatory TOS changes and you can't agree to the new terms.