Scary iCloud keychain issue


(Ron Risley) #1

I just had a strange, frightening, and inconvenient episode. I was making some configuration changes to a computer used by one of my employees, when I got a notification that iCloud account information needed to be updated. I use iCloud for Find My Mac (but only Find My Mac), so I opened the Internet Accounts preference pane. I noticed that iCloud Photo Sharing had been turned on, so I turned it off. It then asked for my iCloud password. After I entered the password, I noticed that iCloud keychain had been turned on (I explicitly turned it off when I originally configured the machine, and it had been off moments before when I launched the preference pane).

I then noticed that macOS had imported things like my email and calendar account information (including passwords!) to this employee’s account.

I deleted them, but then got a long, strange message on my laptop to the effect that some other machine was using my mailbox information and to quit mail. I checked the Internet Accounts preference pane and discovered that iCloud Keychain had been turned on there as well. I turned it off, but my email account information had been deleted. When I tried to re-enter my email account credentials, Mail went through many contortions and displayed empty panes instead of the server configuration dialogs. I quit Mail, restarted it, and was able to get the server configuration entered.

Mail is now on the second or third download of about 300,000 email messages (yes, it deleted the entire local store of my email), which is taking a while even through gigabit pipes.

I’m hoping this was just a one-off cosmic ray induced error (on two machines?), but I’d encourage anyone who thinks they have iCloud Keychain disabled to check to make sure it hasn’t spontaneously turned itself on.

–Ron


(Diane D) #2

That’s really interesting, because I had all iCloud photo info turned off as well. I just looked and only the Library is off right now.

Running Sierra

Diane


(@lbutlr) #3

Wait a minute, you have a computer that is used by an employee and it is signed in to YOUR iCloud account?

Wow. No, do not ever do that. Why would you do that?

The only accounts that should ever be logged in to your iCloud account are your accounts. Never any account that someone else has access to. Never.