The users themselves left it on a tray
Folha de S. Paulo has recently reported that the São Paulo Police have arrested a gang that was focused on stealing the iPhone. Although the logical thing would have been to think that their real ‘business’ was to sell them to get the money they cost, the reality is very different. Specifically, their own thieves have explained how they violated the security of the devices to access bank accounts. And although at first it may seem extremely complicated, the truth is that the method used is quite simple.
The police chief, Fabiano Barbeiro, explained that they only needed the SIM card iPhone to access all your data. This completely eliminates the need to use an exploit which would have been the most logical way to do it. But what the thieves did was take the SIM card out of the stolen iPhone and put it in another iPhone. Through social networks, the user could be tracked to find the email of the owners of the iPhone. Normally this email from social networks is the same as the Apple ID and that is why they reset the passwords through the phone number.
Once all these data are accessed, you also have access to passwords stored in iCloud keychain. But this was not the only way since the thieves themselves explained that many people store the passwords in the Notes application like those of their cards. All these user-generated security holes make this band successful.
Ways to prevent this information theft
As we have seen previously, the hole that these thieves exploit to access personal information is generated by us, the users. In order to prevent it, it is always recommended to have different emails for social networks, which is public, and another that is totally private. Also, you should never trust jotting down passwords in digital notepads or even in untrustworthy applications. This also adds to the need to change passwords and verification systems in the most important services.
From Apple they have informed the Brazilian media that they will integrate the necessary tools to eliminate all the data from a stolen iPhone. They also recommend make use of a virtual SIM card, or eSIM, being much more difficult to transfer to another device. Nor is it ruled out that they have access to more complex tools to unlock iPhones, but with all these data, one must be aware of the care that must be taken online.