Apple Working On Fixing Glitch That Lets Strangers Reset ID Passwords

LOS ANGELES (CBSLA.com) — A CNET report says Apple is aware of a special URL that allows a stranger to hijack your user account and reset your ID and password by simply knowing your birthday and email address.

The URL gets around the need to answer a security question -- such as mother's maiden name. That security measure was placed on all Apple products a year ago.

The possible glitch does not work on accounts with two-step verification enabled, which Apple recently introduced.

It also cannot bypass products that ask for a four-digit PIN.

"Apple takes customer privacy very seriously. We are aware of this issue and working on a fix," said Trudy Muller, an Apple spokesperson.

Meanwhile, Apple has reportedly put password reset tools on maintenance mode.

This story comes to light as several high-profile stories involving hacking of celebrity accounts and the leaking of personal information -- including First Lady Michelle Obama -- have been made public.

The Verge, a tech news site, reported that it found a tutorial on how to hack someone's Apple account online.

The LA Times.com said The Verge did not share the tutorial link and also encouraged Apple users to enable their two-step verification to better protect their accounts.

Featured Local Savings

More from CBS News

Dead body found in an abandoned U-Haul in Mid-City identified

Security guard arrested for allegedly brutally beating hairstylist outside West Hollywood nightclub

Alaska Airlines and Horizon flights resume after briefly grounded

Green Day to perform at Echoplex in Los Angeles