A significant privacy vulnerability in Apple’s popular “Hide My Email” service is allowing attackers to uncover users’ real email addresses, undermining a key feature designed to protect user anonymity online. The issue, first reported to Apple more than a year ago, remains unfixed as of this week, according to security researcher Tyler Murphy and independent verification by 404 Media. “Hide My Email,” available to iCloud+ subscribers, lets users generate unique, random forwarding addresses (typically ending in domains like @privaterelay.appleid.com or iCloud.com) when signing up for apps and websites. These relay addresses forward mail to the user’s actual inbox while keeping their personal email private, helping combat spam and data breaches. However, a flaw in the implementation now makes it possible for almost anyone to link these hidden addresses back to the user’s real email, according to Murphy, co-founder of EasyOptOuts. He first reported the vulnerability and provided replication steps to Apple in June 2025. In communications shared with 404 Media, Murphy stated: “Hide My Email users deserve to know that it may be possible for attackers to discover their hidden email addresses.” He expressed frustration over Apple’s delayed response and decided to go public after more than 12 months without a fix. 404 Media confirmed the vulnerability is still exploitable as recently as Monday using one of its own test accounts. The outlet chose not to publish the exact technical details to prevent active abuse while the bug persists. Apple’s Response and Ongoing Investigation • Apple has been aware of the problem since shortly after Murphy’s initial report. In internal communications:One month after disclosure, Apple said it was investigating. • In March 2026, the company claimed the issue had been “addressed in a recent system change”—but Murphy found it was not resolved. • Further updates in April and May described additional checks and promised a fix in an upcoming security update “in the coming weeks.” Apple has not responded to recent inquiries from 404 Media about the status. The vulnerability comes amid broader changes to the service. In mid-June 2026, Apple announced it would consolidate Hide My Email and Sign in with Apple relay addresses under the @private.icloud.com domain. While intended to streamline operations, critics worry this could make it easier for websites to detect and block anonymized addresses, potentially reducing the feature’s effectiveness. See also: Apple is poised to ruin ‘Hide My Email’ aliases – June 17, 2026 Potential Risks for Users Security experts note that once a real email is exposed, it can be cross-referenced with public data brokers and people-search sites, revealing names, locations, and other personal details. This defeats the privacy purpose for users relying on the tool for sensitive sign-ups, anonymous feedback, or avoiding harassment. Murphy’s disclosure highlights ongoing challenges in Apple’s privacy ecosystem, even as the company heavily markets features like Hide My Email and Private Relay as robust protections against tracking and spam. Users concerned about the issue are advised to monitor Apple’s security updates closely and consider supplementary privacy measures, such as using dedicated alias services from other providers or VPNs with email masking. Apple has not issued specific guidance on the vulnerability at the time of publication. This story is developing. Apple is expected to address the bug in a forthcoming iOS/security update. Support MacDailyNews at no extra cost to you by using this link to shop at Amazon. The post Apple’s ‘Hide My Email’ feature exposes real addresses due to unfixed vulnerability reported over a year ago appeared first on MacDailyNews. Invite your friends and earn rewards
If you enjoy MacDailyNews, share it with your friends and earn rewards when they subscribe.
|
Wednesday, July 1, 2026
Apple’s ‘Hide My Email’ feature exposes real addresses due to unfixed vulnerability reported over a year ago
Apple’s aggressive crackdown on iPhone 18 Pro leaks sparks conspiracy theories and highlights supply chain vulnera…
In a move that has sent ripples through the tech community, videos purportedly showing the iPhone 18 Pro in rigorous drop testing have vanished from social media platforms almost as quickly as they appeared. The swift removals have fueled speculation that Apple is mounting an unusually aggressive response to a major data breach at one of its key manufacturing partners. The incident stems from a cyberattack on Tata Electronics, an Indian supplier involved in iPhone assembly. According to reports, hackers accessed and circulated over 200,000 confidential files on the dark web, including Apple-watermarked documents, supplier lists, component specifications, codenames, and images from durability tests of the upcoming iPhone 18 Pro and Pro Max models. Apple has expressed concern over the breach and is collaborating with Tata on enhanced security protocols. The Short-Lived Videos That Sparked a Frenzy Over the past day, short video clips began circulating on X, apparently depicting a silver-gray iPhone 18 Pro undergoing drop tests. The device featured a more uniform rear design compared to the two-tone aesthetic of the iPhone 17 Pro, a prominent three-camera array with noticeably protruding lenses, and a reflective Apple logo on the back. The clips were first shared by an account impersonating the well-known leaker @EvLeaks and quickly reposted by prominent tipster Ice Universe. However, both the original posts and the account were rapidly taken down, with X citing violations of its rules. Evan Blass, the real force behind the EvLeaks moniker in the past, distanced himself from the account and quipped that “Apple may have done what Samsung never could” — a nod to his history of sharing Samsung leaks without similar interference. Details on the @EvLeaks X.com Account • The Handle Impersonation: Evan Blass (the original @evleaks) had actually deactivated his famous handle earlier due to health reasons. Because X allows Premium+ users to claim inactive handles, an anonymous leaker snatched up the @evleaks handle to post the leaked iPhone 18 Pro drop tests. • The Takedown: X suspended the account and took down the videos citing platform violations. Because the account was explicitly impersonating Blass’s identity, this gave X a swift, clear-cut policy reason to ban the account immediately, alongside Apple’s copyright and DMCA containment efforts. • The Quote: The quote attributed to the real Evan Blass — “Looks like Apple may have done what Samsung never could” — is a real tweet he made from his personal account (@evanblass) to distance himself from the leak while poking fun at his history of unhindered Samsung leaks. • Ice Universe: It is also verified that Ice Universe reposted the leaks and later deleted the tweet, noting on Weibo that Apple had effectively scrubbed the data from the platform. While it’s unclear whether the takedowns were requested by Apple, Tata, or triggered by suspicions the videos were fabricated, the speed of the response stands out. Many observers interpret it as a sign that Apple is taking extraordinary measures to contain the spread following what could be one of the most significant leaks in the company’s history. What the Leaks Suggest About the iPhone 18 Pro If authentic, the videos offer rare glimpses into Apple’s durability testing process and potential design refinements for the 2026 flagship. The device appeared thicker and heavier than expected in some commentary, raising questions about material choices and overall ergonomics. A new color variant also drew attention, though details remain sparse. This leak follows other recent rumors about the iPhone 18 Pro lineup, including modest battery capacity increases, stable display sizes (6.3-inch and 6.9-inch for Pro and Pro Max), and ongoing development of Apple’s in-house modems. The Pro models are still expected to launch in September 2026, maintaining their premium positioning. Broader Implications for Apple and the Industry The Tata breach underscores the persistent challenges Apple faces in securing its complex global supply chain. Even as the company shifts more production to India to diversify away from China, sophisticated cyberattacks remain a threat. Apple’s proactive (and reportedly effective) efforts to scrub the videos may limit short-term damage to hype and competitive intelligence, but they also highlight how leaks have become an inevitable part of the pre-launch cycle. Critics and enthusiasts are divided: some see the crackdown as overreach that stifles transparency, while others applaud Apple’s vigilance in protecting intellectual property. One thing is certain — with months still to go until official unveiling, more details (or their abrupt disappearances) are likely to emerge. MacDailyNews Take: As the iPhone 18 Pro nears release, this episode serves as a reminder of the high stakes in the smartphone wars. Apple’s ability to control the narrative around its most important product may prove as crucial as the hardware itself. Whether the videos were real or clever fakes will only be confirmed when the real device hits store shelves later this year. Support MacDailyNews at no extra cost to you by using this link to shop at Amazon. The post Apple’s aggressive crackdown on iPhone 18 Pro leaks sparks conspiracy theories and highlights supply chain vulnerabilities appeared first on MacDailyNews. You're currently a free subscriber to MacDailyNews. For the full experience, upgrade your subscription.
© 2026 MacDailyNews |
Apple’s ‘Hide My Email’ feature exposes real addresses due to unfixed vulnerability reported over a year ago
A significant privacy vulnerability in Apple’s popular “Hide My Email” service is allowing attackers to uncover users’ real email address...
-
Apple TV+ has signed a new multi-year, first-look feature film deal with The North Road Company’s Chernin Entertainment, the flagship… ͏ ...
-
Thank you for reading MacDailyNews. As a token of our appreciation, we're offering you a limited-time offer of 20% off a paid subscript...
-
Apple, aiming push more urgently into the smart home market, is said to be nearing the launch of a new product category: a wall-mounted disp...


