Oddbean new post about | logout
 Ooof yeah that looks like a MFA bomb. Id start by resetting the emails password.  
 Was there anyway for her to avoid this?? 
 Depends on how it happened. I don't really pay attention to the iOS ecosystem, but apparently there was some sort of vulnerability with Apple IDs or something. 

 
 If it's not related to the Apple ID thing, then it could be traditional credential stuffing, meaning that the same password / email got reused on another website that got leaked.  
 2FA is probably the best stopper to problems like this, especially credential stuffing, but if it was a more in-depth hack, then maybe two-factor wouldn't help. It seriously just depends on how this occurred.