Skip to content

Siri privacy bug: some messages can be read when locked

Apple has acknowledged a major Siri privacy issue, and has promised to fix it in a forthcoming iOS update.

Earlier in the week it emerged that a bug in the current build of iOS (iOS 11.2.6) enabled a number of private messages to be accessed simply by asking Siri to “read my notifications”. This can be initiated by anyone, even when the phone is locked, and it includes hidden notifications.

While this privacy breach doesn’t appear to affect Apple’s own iMessage service, it does incorporate popular third party apps such as WhatsApp, Facebook Messenger, Slack and Gmail. It also affects the stock Apple Mail app.

Apple has now responded to the issue. In a statement issued to MacRumours it said, “We are aware of the issue and it will be addressed in an upcoming software update.”

Whether this means that Apple will add the fix to iOS 11.3, which is currently in the beta testing stage, is unknown. It’s possible that the company will rush out a quick stand-alone iOS 11.2.7 update specifically to correct the bug, given how seriously it tends to take matters of user privacy.

Until the issue it’s fixed, it’s possible to guard against any such privacy breaches by either turning Siri off while the phone is locked (Settings > Siri & Search > Allow Siri When Locked), or by toggling off lock screen notifications on an app-by-app basis underĀ Settings > Notifications.