Apple has long positioned itself as a privacy-first company, which makes it particularly concerning when one of its own privacy features appears to fall short. According to a report from 404 Media, a vulnerability in Apple’s Hide My Email feature could allow attackers to discover users’ real email addresses, defeating the feature’s core purpose.
Hide My Email lets users generate random email addresses that forward messages to their primary inbox. It’s designed for situations where you don’t want to share your personal email, such as signing up for newsletters or creating accounts on websites you don’t fully trust.

How the vulnerability was discovered
Media reports say that, as of Monday, the vulnerability could still be exploited. It was first discovered by Tyler Murphy, co-founder of EasyOptOuts, who said:
“Apple Hide My Email is leaking email addresses that are supposed to be hidden. We reported the issue and replication instructions to Apple over a year ago. We don’t know why it hasn’t been fixed, but we don’t feel comfortable waiting any longer. Hide My Email users deserve to know that it may be possible for attackers to discover their hidden email addresses.”
Subscribe for free to continue reading this article
Subscribe SubscribeAlready Have an Account? Log In
