Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Man loses $1M in life savings and more on the Apple crime blotter

A pair of pre-coronavirus Apple store thefts, an iPad stolen at a wrestling meet, gym locker losses, and more from the Apple crime blotter.

The Orland Park Apple Store in Illinois

The latest in an occasional AppleInsider series, covering the world of Apple-related crime.

Man who lost life savings in phone hack sues AT&T

A California man who says he lost $1 million in a SIM swapping hack has filed a lawsuit against AT&T. According to WMC Action News, the man received an iPhone notification of a withdrawal request from one of his financial institutions, at which point he lost service on the phone. That night, the thieves emptied his accounts of the majority of his life savings.

The hack was traced to then-21-year-old social media star Nicholas Truglia, who was later charged with numerous computer crimes. Now, the Californian is suing AT&T, whose phone services he was using at the time.

New Yorkers arrested for stealing from Illinois Apple Store

Before coronavirus shut down the nation's Apple Stores, two men from New York were arrested for stealing from an Apple Store in suburban Chicago in late February. The Chicago Tribune reports police say the two men stole $9,600 worth of Apple watches and $2,400 worth of AirPods from the Orland Square Mall in Illinois. They were charged with felony theft and resisting police.

Man who stole Apple Watch snuck out of Apple Store by pretending he was on his phone

A serial shoplifter in Leicester, in the U.K., successfully stole an Apple Watch from an Apple Store by acting like he was making a phone call. According to Leicester Live, the theft occurred last November but was described in court in early March. The man was arrested after selling the watch on Facebook, and it led to his tenth lifetime conviction for theft.

54 iPhones stolen from store in India

An authorized iPhone shop in Bengaluru, India, was robbed of 54 phones. Furthermore, as the thieves also stole the digital recorder from the store's CCTV setup, police have not been able to solve the crime. The Times of India writes employees discovered the theft the following morning.

Duncan Hunter, ex-Congressman whose improper purchases included Apple items, sentenced to 11 months

Former Congressman Duncan Hunter of California, who resigned in January after he pled guilty to improperly using campaign funds, was sentenced March 17 to 11 months in prison and an additional three years of parole. CNN reports Hunter pled guilty in December to charges that he misused more than $200,000 in campaign funds.

According to Hunter's original indictment, the illegal purchases included two visits to the Apple Store.

iPad stolen from dad at wrestling meet

A Michigan man who was attending his son's high school wrestling competition found his iPad Mini had been stolen from him. According to The News Herald, the man got up to take a picture, but when he returned to his seat the iPad was gone. It remains missing, but the man's wife eventually received an alert that the device had been turned on.

Man says MacBook and Apple Watches were stolen from gym locker, but police doubt story

An Illinois man claims that $26,000 worth of items, including two MacBook Pro computers and two Apple Watches, were stolen from his gym locker. But according to Patch, a police report casts doubt on at least part of the man's story.

The man says he had been shopping, having purchased the Apple products from a Best Buy as well as a $16,000 Rolex watch, all of which he had for some reason placed in a gym locker that he said he believed had been locked. Surveillance footage, however, did not show anyone arriving or leaving with a Best Buy bag.

MacBooks, iPads stolen from student union at U.K. university

Police are looking into a theft of iPads and MacBooks from the radio station at the student union at Newcastle University, in the U.K. According to Chronicle Live, the break-in occurred Feb. 2, and the perpetrators are not believed to be students at the university.

Man in Nigeria accused of stealing iPhone from American

A 25-year-old college student in Nigeria has been charged with posing on Facebook as a Florida-based contractor and fraudulently obtaining, via FedEx Shippers, an iPhone 7 from an American woman. Nigerian publication The Guardian states the man is also accused of stealing nearly $6,000.

Man arrested for stealing iPhone from car dealership

An Indiana man was arrested March 4 and charged with burglarizing a car dealership. According to Muncie Star Press, the man is accused of stealing five vehicle key fobs, as well as an iPhone that belonged to the dealership. He's been charged with burglary, theft and unlawful entry of a motor vehicle.

Have an Apple crime story for us? Email AppleInsider and tell us about it.



10 Comments

wonkothesane 13 Years · 1738 comments

About this 1m$ theft: can someone explain how this is supposed to work? I understand that you need to bribe someone at the service provider to conduct the sim swap. But then what? I’m the thief and now I have your phone number. That doesn’t mean I have your iCloud password, banking pins etc. 

neilm 17 Years · 1001 comments

One of the things that taking over someone's cell phone number makes possible is effectively hijacking 2FA, assuming that that the thief has already obtained other personal info. Getting a bank account number is as simple as looking at a check the target has written. Obviously there's got to be more to it than just that — I'm not an expert in defrauding people...

YP101 9 Years · 179 comments

I think person who lost the phone save his all password include bank in iPhone password. Which you can unlock with your pin number or bio matric.

Soli 10 Years · 9981 comments

About this 1m$ theft: can someone explain how this is supposed to work? I understand that you need to bribe someone at the service provider to conduct the sim swap. But then what? I’m the thief and now I have your phone number. That doesn’t mean I have your iCloud password, banking pins etc. 

You can look up the various ways in which this works, but I'm guessing that once they had access to SMS messages coming to what should've been his phone they could then reset the password with the financial service being fairly certain that it was him since he was getting the password reset link or code to his phone.

I've been pushing for companies that I use for financials to include use of an authenticator app as a 2FA option. Password managers makes this really simple to use.

3 Likes · 0 Dislikes
wonkothesane 13 Years · 1738 comments

Soli said:
About this 1m$ theft: can someone explain how this is supposed to work? I understand that you need to bribe someone at the service provider to conduct the sim swap. But then what? I’m the thief and now I have your phone number. That doesn’t mean I have your iCloud password, banking pins etc. 
You can look up the various ways in which this works, but I'm guessing that once they had access to SMS messages coming to what should've been his phone they could then reset the password with the financial service being fairly certain that it was him since he was getting the password reset link or code to his phone.

I've been pushing for companies that I use for financials to include use of an authenticator app as a 2FA option. Password managers makes this really simple to use.

I just checked how this would work for my account. If it would be through phone banking I’d need to provide a “secret phrase” (which I had to determine upon setting up the bank account) plus answer some personal questions  in order to  get a new password. If I would go through online banking I’d have to provide my account ID (not account number) and launch a procedure either through a authentication app or by snail mail. Alternatively, I can show up at the bank’s counter with proper ID and request reset of password. Under no circumstances something like “click here To get your new password sent to you by sms” would be viable. 

I feel there must be more to this fraud sceme that provided the attacker with more data.