Apple's Hide My Email feature plagued by bug exposing real email addresses
Researcher claims bug in Apple's Hide My Email feature allows real email addresses to be unmasked.

Apple's Hide My Email feature, designed to shield users' true email addresses for online anonymity, appears to have a bug that undermines its purpose. The vulnerability, reported by researcher Tyler Murphy, allows real email addresses to be exposed. According to 404 Media, which tested and verified the bug, Murphy warned Apple about the issue over a year ago, but it remains unaddressed.
Murphy, co-founder of EasyOptOuts, a paid data-removal service, expressed concern that publicly accessible people-search sites make it easy to link an email address to other personal details. This could put users relying on Hide My Email for safety at risk. In limited tests with volunteers, 100% of Hide My Email addresses were found to be exploitable.
Details of the vulnerability have not been publicly disclosed to prevent exploitation. Apple has been approached for comment, but it is unclear why the company has not yet remedied the problem. This incident raises questions about Apple's commitment to user privacy, a key part of its brand reputation.
The company has faced criticism in the past for its handling of user data, including a 2022 lawsuit over iPhone apps sending analytics data to Apple despite users having the iPhone Analytics privacy setting turned on. In 2023, researchers found another Apple's privacy feature to be ineffective, exposing users' real MAC addresses despite a tool designed to anonymize mobile users' Wi-Fi connections. Why this matters: The discovery of this bug in Apple's Hide My Email feature has significant implications for the tech industry's approach to user privacy.
If left unaddressed, it could erode trust in Apple's privacy promises and, by extension, its brand. For developers and businesses, this highlights the importance of rigorous testing and validation of privacy features to ensure they function as intended. For consumers, it underscores the need for vigilance when using online services, even those from companies with a strong reputation for privacy.
Ultimately, this incident raises questions about the effectiveness of current privacy tools and the need for more robust solutions to protect user data. As the tech industry continues to grapple with the challenges of balancing convenience and privacy, Apple's response to this bug will be closely watched.
Source: TechCrunch