Grant Thompson was trying to set up a group chat with some fellow “Fortnite” players when he discovered the FaceTime app was forcing other iPhones to answer calls, potentially allowing users to access microphones and cameras without a person’s knowledge. Thompson told his mother, a lawyer, about the security flaw.
“It was very frustrating getting [Apple] to respond,” she said. “I get it. I’m sure they get all sorts of kooks that try to report things to them.”
Michele Thompson told NBC News she tried to notify Apple in a variety of ways. First, she tried to alert the company by email. A representative directed her to Apple’s bug bounty program, which offers cash payouts to people who discover security flaws. But, that required technical knowledge she didn’t have. She also sent a physical letter on her firm’s letterhead. When that didn’t work, she sent tweets.
“My teen found a major security flaw in Apple’s new iOS,” she wrote. “He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport. Waiting to hear back to provide details. Scary stuff!”
When all of that failed, the Thompsons reportedly created a YouTube video they planned to send to the press. But, the story broke on Monday before that could happen.
Once it was finally alerted to the bug, Apple remotely disabled FaceTime’s group chat feature. It is now working on a fix that it plans to release later this week.