…Sometimes, it takes an entire Saturday afternoon, including 3 calls to Apple speaking to 4 different customer service advisors, and factors in serious data protection and security issues, which cannot be fully resolved. All because once upon a time, some random person screwed up.
I wanted to blog about this, not only in case someone has the same issues as my mother-in-law (who I gave my old iPad to) but also as I think Apple need to sort this out. Hopefully someone senior at Apple reads this (you never know!) and they get their act together, because it really isn’t good…
The short version
Some woman in Mexico once accidentally tried setting up an Apple ID account using my mum-in-law’s email address (maybe it’s a letter/digit different). Apple said it was ok to keep using the account, as it’d never had any activity, however the Mexican lady had also set up security questions, meaning that she could’ve reclaimed access to the account at any time. We accidentally saw her home address and phone number when ‘taking over’ the account, and – if she’d reclaimed access – she could’ve seen my mother-in-law’s personal details, too. We can never fully resolve the issue as Apple cannot or will not delete the account, so we had to set up a fake email account (using Gmail), change its email address and change the personal details to something made-up – and then we could create a new Apple ID associated with my mum-in-law’s email address. Unnecessarily messy and overly-complex.
For the long version, keep reading…
Note: I’ve changed people’s names to protect identities, etc…
Email already in use
I recently replaced my old, beaten-up iPad 2 with an iPad 2 Air. The folks at the Apple Store said that I couldn’t get anything for it by trading/recycling it (not via them, anyway) so they suggested keeping it – maybe giving it to a family member. So I gave it to my mother-in-law. I don’t want to use her real name, so let’s say she’s called Jane Jones.
I wiped the old iPad (once backing up the new iPad), reset it and ran through the setup process with her. When it came to creating an Apple ID, Jane wanted to use her Hotmail address – the only email address that she uses. We tried setting it up, but it was apparently already in use.
“Jane, it looks like you’ve already got an account.”
“But I’ve never done anything with Apple before!”
“Are you sure? Maybe you bought something on iTunes years ago…?”
(“Yeah right,” I thought.)
So we tried resetting the password. The password reset email come through (hitting Jane’s Junk inbox) and… it was in Spanish.
“O…k. So you once bought something by Apple, and you accidentally did so in Spanish?!”
“No! Seriously! I’ve never done anything with Apple! I swear!”
(“Sigh,” I thought.)
We managed to walk through the steps – despite the language barrier – and reset the password. When we logged in, we realised something serious…
…The name wasn’t listed as Jane Jones. It was listed as – let’s say – Jane Naranja.
At was at this point that I decided to call Apple – our first call of three – as I thought it was pretty serious. I also apologised to my mum-in-law for doubting her (whoops).
The calls begin
Our concern was that someone attempted to create an account on behalf of Jane (my Jane) and also tried to hack into her Hotmail. However, after chatting to an Apple advisor, he reckoned that Ms Naranja had accidentally tried creating an Apple ID account sometime in the past but had put in Mrs Jones’ email address (perhaps it’s very similar – just one letter or number different) by mistake, had therefore never received the verification email and then simply tried again – this time doing it properly.
He told us that it would be ok to continue to use the account, as it never had any history associated with it: no linked devices, no iCloud backups, no purchases, no nothing. I was still a little concerned and asked if we should destroy the damn thing and start over, but he reassured me that that wouldn’t be necessary. The call ended.
Shortly afterwards, we accessed the other part of the accounts in order to fully ‘reclaim’ it. In doing so, we found Ms Naranja’s home address in Mexico and her phone number – serious breaches of data protection. Well done, Apple.
We decided to call again, expressing our concerns about this, wanting to burn the account to the ground and start over – this time dealing with a very arsey-sounding, condescending and interrupt-y member of Apple’s ranks. He advised that he could not delete the account as it was, because deleting it with Mrs Jones’ email address still tied to it would’ve meant that we couldn’t use that email address with an Apple ID ever again. As Mrs Jones doesn’t have another email address, he recommended creating a fake Hotmail/Gmail/whatever for the sole purpose of changing the Apple ID account’s email address, freeing up Mrs Jones’ proper Hotmail. Bloody hell. Hassle eh?
Things get more serious…
We created a fake Gmail (ironically, we used Ms Naranja’s name in it for a laugh – not realising that the irony could really cause some confusion later on down the line) and used it to change the account’s main email address, freeing up the Hotmail address in the process. I then tried to create a new Apple ID using Mrs Jones’ original email… but it didn’t work – nothing happened when I clicked on the ‘Create Apple ID’ button.
It was also around this time that we realised that the old account’s security questions were still in Spanish – even after we’d changed the account’s main language to English. We clicked the link to reset them, but Mrs Jones didn’t receive anything in her Hotmail account. We tried again 5 minutes later – still no email.
It was at this point that panic set in. What if Ms Naranja entered the wrong email address originally when setting up the account, but put in a correct recovery email address? What if she’d now received the two emails? Yup… Apple had previously recommended taking over an account that a stranger could’ve reclaimed and taken over at any moment.
Not good… or as Ms Naranja would most likely say: no es bueno.
And so, we called Apple for the third time. The person I spoke to didn’t understand the issue (although to her credit, the issue was becoming so complex that even I didn’t understand it anymore…), so she escalated it to a senior member of the team. Fair play to the senior consultant – he understood the issue and took ownership of it, giving us his direct contact details. However it was only at this point that someone at Apple actually fully checked-over the account – the first two Apple advisors from the first two calls didn’t think to do so.
The not-being-able-to-create-an-account issue was a simple as this: it didn’t work in Firefox for some unknown reason, so I tried again in Chrome – and it worked. Sorted. At least Mrs Jones finally had an Apple ID that she could use, which was also brand new and previously untouched. One issue down, one to go.
As for our account-reclaim concerns, the senior consultant advised that he couldn’t delete the account because in order to do, we’d need access to the security questions – but obviously we never would’ve been able to do that because Ms Naranja set them (in Spanish, to boot) and we’d never be able to guess them. Daft. So he recommended changing all the account’s personal details to made-up details, and then leaving the account to rot.
So it was how it came to be that Jane Jones became J BooBoo of 123 Made-up Street, Fancyland. Postcode: lalala (which amazingly was accepted)…
Apple needs to sort this out
Our 3-hour, 3-phonecall nightmare was over. But I’m still not fully satisfied with Apple’s solutions to the problems.
Firstly, their first recommendation was to take over the account – without even taking the time to fully check out the account in full. Ms Naranja could’ve reclaimed the account at any point. What if Mrs Jones had made purchases by that point? What if her account was full of her personal details?
I also think that their solution to create a fake email address was excessive. Why should we go out-of-our-way to help to clean up their mess? Why should we do the legwork, because Apple (apparently) can’t?
At a good few moments during the ordeal, Mrs Jones was fed up – she didn’t want to be an Apple customer anymore. But we didn’t have a choice – we had to resolve it, so that Ms Naranja couldn’t hack the account later on. Apple shouldn’t put its customers through this ridiculous charade – all because another Apple customer once made a mistake.
One of the Apple advisors told me that instances like this are rare, but they do happen. This wasn’t the only time that this had happened. So why not do something about it?
Here’s an idea, Apple… Change your system. Change your processes. Allow people to delete accounts that have these ridiculous issues and start over. Or – if an account isn’t verified within x days/weeks – free it up again. How simple is that? In fact, the latter would’ve been the cleanest option, which would’ve saved everyone the hassle.
Adios, Ms Naranja. ¡Hasta que nos encontremos de nuevo!
[Fiery Apple logo – GDS-Productions]