Filed under: Bad Apple, Security, .Mac, MobileMe
MobileMe mixup: Address book snafu exposes personal data to strangers?
There's one big problem. The screen shot you see wasn't made by the person who owns this me.com account. Under certain very specific conditions, Apple is inadvertently sharing data from other people's accounts. Ouch.
A TUAW reader sent us a video made as he renewed his me.com account from the UK. The address book data he accessed during that time included this Denver-based set shown here, as well as data from an Ireland-based user of Polish descent (all his contacts were back in Poland although his business was based in Ireland).
This all went down during the period when his MobileMe account was renewing. Each time he logged off and back on, he was presented with yet another set of contacts--none of them his. He writes, "Each time I logged off and on I got a different address book. All the other options were disabled (because my renewal was being processed) but clicking the Contacts icon showed me *an* address book," just not his address book.
With a little Internet-fu, he checked out some of the numbers and found that they were valid and operational. This leads him to believe that this is real data. My inspection of the local Denver data from his screen shots convinces me of the same. Further inspection of work addresses and personal family names makes us believe we know whose Denver-based address book this is. We've attempted to contact this person but as yet have not heard back.
The address book glitch ended once the registration process finished, leaving our TUAW reader with a series of screen shots and videos and a deep concern about Apple's ability to safeguard personal data. He's already contacted Apple about the bug. "I contacted them by two means: their web-chat thing where they told me that they 'had no reports of such an issue'. They suggested closing and reopening Safari (helpful eh?) and a generic autoresponse saying they'd reply within 5 days when i sent an email." He adds, "I don't think the people manning the help desk appreciated the seriousness of the situation."
TUAW has sent a heads-up to Apple and will keep monitoring the situation to see how it develops.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 3)
MRCUR said 8:59PM on 10-12-2009
Uh, wow. Apple needs to take a serious look at MobileMe overall and really take some time to fix all of the bugs, intermittent outages, performance issues, etc. before continuing to add new features. What the tipster found is absolutely ridiculous and should NEVER happen.
Reply
Jordan said 12:52PM on 10-13-2009
Not only MobileMe, but its entire self. Apple has always pushed the whole security and "just works" thing, and it's cracks are showing. Snow Leopard eating anybody's data today?
Way 2 Go Apple! said 9:05PM on 10-12-2009
Way to go Apple. I think you've bitten off more than you can chew, and something is biting you back. Welcome to the world of Microsoft...
Reply
GregW said 9:00PM on 11-04-2009
The same thing happened to me.
I initially saw other contacts that were not mine.
I never thought to grab a screenshot.
My account expired at its normal end date.
Now my MobileMe account is suspended for 45 days ( while I decide whether or not to renew )... and the supposed access to Contacts I should have is still not working.
Reply
Jamie said 9:20PM on 10-12-2009
This MobileMe is more of a MobileNightmare.
When Gmail went push I was so happy to be able to stop using my MobileMe mail. Who doesn't have server-side rules for mail in 2009!?
Reply
Alexa said 9:32PM on 10-12-2009
I was happy with .mac, and especially with the non stupid email address. I said it at the time, and I'll say it again, Apple bit off way more than it could chew with Mobile Me. I am sorry (and will be sorrier if I get screwed) that they haven't learned from this huge mistake.
Reply
acwan said 9:47PM on 10-12-2009
Apple seems to be failing a lot recently. First Snow Leopard guest accounts, then Time Machine failures, and then this MobileMe stuff.
Must be a bad week in PR.
Reply
Drifter71 said 10:01PM on 10-12-2009
Maybe apple needs to slow down and not make hasty releases based on Pre empting others and focus on releasing things after proper testing. IMHO
Jordan said 2:31PM on 10-13-2009
Don't forget ipod/phone lockups, iphone lost signals while others on the same network in the same spot have full signal, overheating iphones, was the first browser to get hacked at a security conference in 10 seconds, laptop batteries draining fast, laptops with broken hinges, itunes (ok maybe that one was just my personal hate)
but most important - their failure that is the built in battery
Hawkeye said 10:51PM on 10-12-2009
Doing too much at the same time... something they started with MobileMe, iPhone 3G and 3.0 all at the same time last year. They should stand for who they are and build machines and software people can trust. Not the same Apple I swore by till sometime back.
Reply
Ross said 11:05PM on 10-12-2009
Really people, email's and webchats get nothing done, you need to either call them up or if you somehow know somebody in Apple speak to them directly. They just ignore the written things and take ages to process. Call them up and just keep asking to be escalated if you don't get what you're looking for.
Reply
mvn said 5:27AM on 10-13-2009
There is no direct support contact with mobile me, very poor for a paid service, the only option is a chat with some support staff who direct you to existing support documents, usual low level support stuff where you get totally fed up going thought the "have you switched it on.." level of support. As for having direct access to an Apple employee then !!! Maybe Apple cannot cope with their new found level of customers or maybe the iphone is draining resources away from everything else.
My renewal is due for this service and thinking its not worth the money, its been a year of constant issues, at least google were open about their cloud services and labelled it beta and did not charge. Unless it greatly improves in the next month then no renewal from me.
marian said 1:59AM on 10-13-2009
I think some of the commenters here are exaggerating. Apple has released a rock solid Snow Leopard and MobileMe has behaved well, apart from minor issues. We're in the Emergency Room at TUAW, don't forget that most of the injuries get here but not all of the healthy news. My OS X and my MobileMe has not failed once although I am a power user and have put it under heavy use.
Reply
Travis Walls said 8:54AM on 10-13-2009
While I agree to your post to some extent, I'm very impressed that you're finding Snow Leopard to be "rock solid". I've been running Snow Leopard for less than a month on a clean install on my 1-year old 24" iMac, don't consider myself a heavy user, and have had five apps crash, the computer not wake from sleep one time, and got stuck at the grey apple once while booting. I'm not even pushing it, and I (almost) feel like I'm running Windows. Just got my iPhone replaced for the random not waking from sleep issue happening every day, only for the patch to be released a few weeks later (not to mention the endless restores and lost data - the Genius Bar said my backup file must be corrupt and to kiss my data good bye). My Apple TV decided to start flashing an Apple logo at me every few seconds around the same time. As for MobileMe, I've only got a few complaints there. I've gotten used to randomly finding that I can't log in from the web. I mean, that's been happening since it launched, right? Otherwise, it seems to have a hard time keeping track of changes to contacts, which is pretty understandable. I AM trying to sync to like four different devices. Oh, and I don't even bother using the calendar anymore. I get fun messages like "the data is inconsistent", and I end up resetting it and losing anything I input from the web, which defeats the purpose (for me anyways). Finally, I hate how the page refreshes every time I go to look at my mail and how they treat you like a leper if you have to use IE at work. Sorry for the rant, but I wish I could say all my stuff from Apple ran like sunshine and rainbows like it sounds like it does for you. :\
Jordan said 2:33PM on 10-13-2009
@Travis: Sounds like non of your Apple stuff runs like sunshine. For all the thousands you've given the company, why have you not yet wised up and stopped using Apple junk?
Travis Walls said 6:53PM on 10-13-2009
@Jordan: Why are you even reading this blog if you're calling Apple's products junk?
Jordan said 8:21PM on 10-13-2009
Because I happen to own a lot of Apple products, some by choice, others not. From your post you basically said all Apple products you use are crap. If I had those experiences I would have abandoned them long ago, I don't need to go through all that just to look cool and be different. So I pose the question again, why have you not yet given up?
Travis Walls said 8:35PM on 10-15-2009
@Jordan: Because I can write one comment that pretty much covers most of my gripes with Apple's products, but it would probably take an entire blog for me to cover everything I love about them. I don't appreciate you automatically lumping me into a group of people who you perceive as "trying to be cool and different by using Apple products". You don't even know me.
darrenisafanboi said 7:11PM on 10-21-2009
@Travis Walls
"...I don't appreciate you automatically lumping me into a group of people..."
You must be new to this internet thing :p
AppleZilla said 12:31AM on 10-13-2009
Ugh. Just stopped my syncing of my Address Book with SlowbleMe and deleted my addressed from me.com. Apple needs to fix Everything or admit failure.
Reply