Sydney: A major security flaw has been found that makes it possible to easily change user's Apple ID password and hijack the account, a report has said.
The tech giant on Monday rolled out two-step verification, a security measure that promises to further shield Apple ID and iCloud accounts from being hijacked.
The newly discovered exploit affects all customers who haven't yet enabled the new feature, the Verge reports.
The flaw lets anyone with your email address and date of birth to reset your password — using Apple's own tools.
According to the report, the flaw involves pasting in a modified URL while answering the DOB security question on Apple's iForgot page
Unfortunately for those outside of the US, UK, Australia, Ireland, and New Zealand, the new security measure is not available yet.