On March 21st, Apple held a launch event for the company's newest products and updates. Included in that presentation was the latest operating system update. Some of the positive changes made to iOS 9.3.1 include fixing of the bug that would cause the iPhone to lock up and drain battery usage, as well as the problems that existed within Apple's Universal Links.
Just two weeks after the event, on April 4th, Quartz reported that users may want to wait before updating their phones and iPads to the latest iOS, though. An anonymous iOS tinker discovered that there is a relatively easy, though not necessarily straightforward, a way for people to access the contacts and photos on an iPhone with iOS 9.3.1 without inputting the phone's password.
The method involves promoting Siri to access Twitter and then adding a Twitter user to the phone's contact list. By doing this, it is possible to access current contacts as well as the phone's entire photo library. In order for this to work, the phone must be a new version and have the 3D Touch feature.
Though this is not a breach extending to individual apps or directly to personal information necessarily, it is nonetheless concerning. The irony here, of course, is that Apple is such a crusader of personal data privacy for its customers.
At the launch event in March, CEO Tim Cook started the day by speaking about his dedication to maintaining the privacy of his customers as the FBI continued to press for Apple to aid in the investigation against the terrorist involved in the San Bernadino shooting last December. For months, Apple has been engaged in a battle with the FBI over unlocking the shooter's phone to examine the information within.
Apple did not respond to requests for comment from either Quartz or the Daily Dot where news of the hack was first published.