IDEASTime ideas<br>IdeasOpen follow modalPersonalized Content
Ideas
Follow this section to personalize your feed and get instant alerts.
FollowGo to your personalized feedWHY FOLLOW?<br>Custom Feed: See the stories that matter most to you.<br>Smart Alerts: Get notified about major news as it happens.
Update your preferences in Account Settings<br>Close
TechOpen follow modalPersonalized Content
Tech
Follow this tag to personalize your feed and get instant alerts.
FollowGo to your personalized feedWHY FOLLOW?<br>Custom Feed: See the stories that matter most to you.<br>Smart Alerts: Get notified about major news as it happens.
Update your preferences in Account Settings<br>Close
How a Stranger Used One Text Message to Steal My Entire Digital Life
ADD TIME ON GOOGLE
by Ryan Pettit<br>Open follow modalPersonalized Content
Ryan Pettit
Follow this author to personalize your feed and get instant alerts.
FollowGo to your personalized feedWHY FOLLOW?<br>Custom Feed: See the stories that matter most to you.<br>Smart Alerts: Get notified about major news as it happens.
Update your preferences in Account Settings<br>Close
Ryan Pettit is a Hawaiʻi-based commercial airline pilot with a background in information technology.
Jul 7, 2026 2:00 PM CUT
Tero Vesalainen—Getty Images
by Ryan Pettit<br>Open follow modalPersonalized Content
Ryan Pettit
Follow this author to personalize your feed and get instant alerts.
FollowGo to your personalized feedWHY FOLLOW?<br>Custom Feed: See the stories that matter most to you.<br>Smart Alerts: Get notified about major news as it happens.
Update your preferences in Account Settings<br>Close
Ryan Pettit is a Hawaiʻi-based commercial airline pilot with a background in information technology.
Jul 7, 2026 2:00 PM CUT
Consider, for a moment, the architecture of your own life. The photographs of your children. The passwords to your bank. The device in your pocket that pays for your coffee, unlocks your front door, and holds the second factor that guards everything else. Now ask a harder question: how many separate keys protect all of it, and how many of those keys are, in truth, the same key?
For most of us, the honest answer is one. One account sits beneath the others: an Apple ID, a Google login, a phone number that every "forgot password" link routes back to. We would never accept this design anywhere else.
I’m a pilot. No aircraft I have ever flown is permitted a single point of failure: every critical system carries a backup, and often a backup for the backup, so that no single fault can bring the plane down. Redundancy is the first principle of any system that cannot be allowed to fail. And yet millions of people carry their entire financial and personal identity on exactly one such lock, and think nothing of it.
On the afternoon of June 25, 2026, I learned what happens when the lock turns in a stranger's hand. It began, as these things now do, with a text message. It looked entirely official: a fraud alert about a possible unauthorized charge on my Goldman Sachs Apple Card, the credit card tied to my Apple ID. The message asked only that I reply "yes" or "no" to confirm the transaction. This is a routine, familiar request, the kind your bank sends all the time. I replied no.
A few minutes later, my phone rang. The number, the FBI would later confirm, belonged to the genuine Apple Card support line. It had been spoofed so precisely that the messages accompanying the call arrived in the same gray bubbles, with the same Apple logo, that only real Apple support uses in iMessage. Everything my eyes could check told me this was Apple. The man on the line said he was going to send a code to verify my identity, and that I should read it back to him. It is a request that feels routine in the moment, though I now know that no legitimate institution should ever make it.
When I asked the caller to prove he was who he claimed to be, he did something that turned my stomach: he read my entire Social Security number and my date of birth back to me. That was the moment I knew my identity had been stolen. No honest caller needed to recite my full Social Security number to me; the only reason he had it was that he already had everything.
He pressed on, offering to secure my account by mailing me a new card and asking which of my two addresses I wanted it sent to, naming them both. But I had begun to stall, and by then he was already inside.
I watched it happen on the screen in my hand. One by one, the cards in my Apple Wallet began to disappear: my Cash App card, a Japanese Suica transit card left over from a trip, my Visa cards, the Apple Card itself, deleted in front of me while I held the phone. Somewhere in those same minutes the attacker added a new trusted phone number to my account, one ending in 67, and stripped out my own. This is the master stroke of a modern takeover: it does not merely let the criminal in, it locks the owner out. From that moment, as far as Apple's own verification was concerned, the...