Locked Out of Apple Account Due to Gift Card
Paris Buttfield-Addison (Bluesky, Hacker News, John Gruber):
My Apple ID, which I have held for around 25 years (it was originally a username, before they had to be email addresses; it’s from the iTools era), has been permanently disabled. This isn’t just an email address; it is my core digital identity. It holds terabytes of family photos, my entire message history, and is the key to syncing my work across the ecosystem.
[…]
The only recent activity on my account was a recent attempt to redeem a $500 Apple Gift Card to pay for my 6TB iCloud+ storage plan. The code failed. The vendor suggested that the card number was likely compromised and agreed to reissue it.
[…]
I effectively have over $30,000 worth of previously-active “bricked" hardware. My iPhone, iPad, Watch, and Macs cannot sync, update, or function properly. I have lost access to thousands of dollars in purchased software and media.
[…]
Apple representatives claim that only the “Media and Services” side of my account is blocked, but now my devices have signed me out of iMessage (and I can’t sign back in), and I can’t even sign out of the blocked iCloud account because… it’s barred from the sign-out API, as far as I can tell.
Apple support was no help. We’ve been hearing stories like this for years, where someone who did nothing wrong loses access to their account and all their purchases and data. There still seems to be no solution other than running to the press after the fact. There’s no way to know that a gift card purchased through normal channels is bad. Apple won’t tell you what the actual problem was or provide any path to reinstatement. They just recommend creating a new account, which isn’t a real solution. You would still lose access to your data and purchases. As a developer, your apps would still belong to the old account, as would the purchases and data of anyone who used them. Resubmitting the apps through a new developer account would be a violation of Apple’s guidelines and potentially lead to a lifetime ban.
At the individual level, it seems like there are only a few things we can do to reduce our risk. First, use separate Apple IDs for personal and developer stuff. Second, it’s not worth trying to get a deal on a discounted gift card. If someone gives you a gift card, maybe save it for a hardware purchase so that you can use it without linking it to your account.
It shouldn’t matter—no one should have to go through this—but:
I am not a casual user. I have literally written the book on Apple development (taking over the Learning Cocoa with Objective-C series, which Apple themselves used to write, for O’Reilly Media, and then 20+ books following that). I help run the longest-running Apple developer event not run by Apple themselves, /dev/world. I have effectively been an evangelist for this company’s technology for my entire professional life. We had an app on the App Store on Day 1 in every sense of the world.
I went to Uni with this person (though I doubt they remember me.) They have a very high reputation. If anyone should be able to resolve this, it’s them — that they can’t, and they have to go public, is absolutely terrifying and should make Apple execs pay attention.
I mean that. Exec level. This story and that this specific person cannot get it fixed indicates absolute failure.
I have escalated this through my many friends in WWDR and SRE at Apple, with no success.
Update (2025-12-13): Paris Buttfield-Addison:
I do have backups of most data, including photos, but there are things you can’t backup like shared actively edited iWork documents, and things like that.
Previously:
- Unable to Join Apple Developer Program
- Locked Out of Apple Developer Accounts
- Not Setting Up Find My Bricked My MacBook
- Another User Locked Out of Apple Account
- Multiple Apple ID Accounts
- Developer Account In Limbo Due to Popularity
- Apple Accounts “Permanently” Blocked
- Apple Account Locked Due to Failed Trade-in
- Student’s Developer Account Mistakenly Terminated
- Locked Out of an Apple Account
Update (2025-12-15): Rui Carmo:
This is absolutely fracking insane, and one of the things that terrifies me the most about the way Apple (or Google) handle account blockages and support. The complete blanket blocking of all services, the lack of any meaningful support, and the complete absence of any recourse or appeal process (including the Kafkaesque “you can only contact us from a device signed in to your account” requirement) is a recipe for utter disaster.
[…]
Because the current situation is untenable, and without human contact points or sane checkpoints it is only a matter of time before someone figures out how to do this at scale to purposefully lock other people out of their accounts.
The YouTubers we covered and Buttfield-Addison are lucky enough to have a high profile that merits media attention, but if the average Apple customer has their account irrevocably suspended after purchasing a gift card that someone already registered through a scam, it’s much harder to draw attention to the matter.
This incident also raises the specter of questionable digital content ownership.
This post has been circulating and, since publishing, Buttfield-Addison says he has been contacted by someone at Apple’s “Executive Relations”, but still does not have access to his account. I hope his situation is corrected promptly.
What I am stunned by is the breadth of impact this lockout has, and what a similar problem would mean for me, personally. I do not blame Buttfield-Addison or anyone else for having so much of their digital life ensconced in an Apple Account. Apple has effectively made it a requirement for using the features of its devices and, thanks to Apple’s policy of only trusting itself, creates limitations to using third-party services. You cannot automatically back up an iPhone or iPad to a third-party service, for example, in the same way as you can iCloud.
I rely on gift cards since for historical reasons my account is US-based and Apple made switching borderline impossible. (e.g. you cannot have *any* active subs, and cancelled is still active until finished, so the process would take a year, and there are far more gotchas). CCs are geo-locked so they don’t work.
This makes me very uneasy.
happened to me, luckily on a secondary account. lessons learned: don’t ever use gift cards / prepaid cards with , add a backup user to your dev account
Once accounts like Apple Accounts and Google accounts reach a certain level of importance, I genuinely believe the companies should not have the ability to lock or delete them anymore.
An automated system automatically locking or deleting your account with no recourse can ruin your life in today’s world where everything is tied to either an Apple account or Google account (iPhone or Android).
At Apple’s scale, this is probably happening to lots of people we haven’t heard about. Why gate it based on importance? Recourse should be available to everyone.
It remains unclear to me why Apple’s default reaction is to kill entire accounts, rather than only lock the features that could potentially cause harm.
Previously:
Update (2025-12-16): Paris Buttfield-Addison:
Someone from Executive Relations at Apple says they’re looking into it.
Apple computer says no.
Anyone got a lawyer to recommend to help me write a nastygram to Apple and/or help me sue them?
This entire situation is terrifying. Paris’ account hasn’t been restored and Apple said they can’t help.
A senior Apple Support advisor contacted AppleInsider about the story, pointing out some factors that complicate the issue.
They assert that it is very unlikely that the particular card caused the account to be locked on its own. While there are many steps for an advisor to check and protect against fraud by scammers, the attempt wouldn’t necessarily flag the account on its own.
People always say this, but Apple never comments on what those other factors are, and, in all the specific cases of account locking that we’ve seen, I don’t recall it ever coming out that the victim actually did something bad.
Update (2025-12-17): Colin Cornaby:
I’ve usually regarded iCloud as a pretty safe harbor but this makes me strongly reconsider. If he has this large of a megaphone and still has had no movement from Apple I can’t imagine how impossible this would be for someone like me. And over a legitimately bought gift card? Now I’m worried redeeming an Apple gift card will blow up my account.
I had expected that escalation from his friends within Apple and the negative press attention would be sufficient to cause Apple’s Executive Relations team (which handles serious issues sent to tcook@apple.com) to resolve it quickly.
[…]
As far as I can tell from his extensively documented story, Buttfield-Addison did nothing wrong.
[…]
There is one way the Apple community could exert some leverage over Apple. Since innocently redeeming a compromised Apple Gift Card can have serious negative consequences, we should all avoid buying Apple Gift Cards and spread the word as widely as possible that they could essentially be malware.
Update (2025-12-18): See also: Reddit.
There’s also the technical problem in that, if a new account is created on the currently-owned and probably hardware-flagged devices, the new account could be linked to the banned account. That would mean the new account would be disabled for attempting to circumvent Apple’s security measures and policies.
It’s honestly kinda terrifying that the locked account thing still isn’t resolved after it got shared widely in the Apple community…
Seeing something like this just reaffirms that I’ve been heading in the right direction by moving what I can to self hosting and reducing my reliance on Apple and other major tech companies. The risks are just too darn high and the lack of transparency and recourse doesn’t help the situation.
Morris is correct, and there is an equally worrisome question looming in the distance: when does Apple permanently delete the user data it holds? Apple does not say how long it retains data after an account is closed but, for comparison, Google says it takes about two months. Not only can one of these corporations independently decide to close an account, there is no way to know if it can be restored, and there is little help for users.
[…]
I cannot tell you what to do, but I would not buy an Apple gift card for someone else, and I would not redeem one myself, until Apple clearly explains what happened here and what it will do to prevent something similar happening in the future.
John Gruber (Mastodon, Hacker News):
I suspect that one part of Buttfield-Addison’s fiasco is the fact that his seemingly problematic gift card was for $500, not a typical amount like $25, but that’s just a suspicion on my part. We don’t know — because key to the Kafka-esque nature of the whole nightmare is that his account cancellation was a black box. Not only has Apple not yet restored his deactivated Apple Account, at no point in the process have they explained why it was deactivated in the first place. We’re left to guess that it was related to the tampered gift card and that the relatively high value of the card in question was related. $500 is a higher value than average for an Apple gift card, but that amount is less than the average price for a single iPhone. Apple itself sets a limit of $2,000 on gift cards in the US, so $500 shouldn’t be considered an inherently suspicious amount.
The whole thing does make me nervous about redeeming, or giving, Apple gift cards. […] Until we get some clarity on this I feel like I’d only redeem Apple gift cards at an Apple retail store, for purchases not tied to my Apple Accounts.
[…]
My other question: Were any humans involved in the decision to deactivate (disintegrate?) his account, or was it determined purely by some sort of fraud detection algorithm?
If I saw someone opening gift cards in-store before purchasing them, I’d think they were shameless scammers. If you need to destroy the retail packaging for a gift card to feel certain it hasn’t been tampered with, the whole systems seems fundamentally broken. (And just eyeballing the redemption code doesn’t prove it hasn’t been tampered with.)
I don’t get why attempting to redeem an already used gift card would lock your account in the first place. Surely it would just be rejected? And surely in such a situation, the original redeemer is more likely to be the bad guy?
A lovely man from Singapore, working for Apple Executive Relations, who has been calling me every so often for a couple of days, has let me know it’s all fixed. It looks like the gift card I tried to redeem, which did not work for me, and did not credit my account, was already redeemed in some way (sounds like classic gift card tampering), and my account was caught by that. Obviously it’s unacceptable that this can happen, and I’m still trying to get more information out of him, but at least things are now mostly working. Strangely, he did tell me to only ever buy gift cards from Apple themselves; I asked if that means Apple’s supply chain of Blackhawk Network, InComm, and other gift card vendors is insecure, and he was unwilling to comment.
It’s great that he has his account back; but, as Gruber says, it “leaves the question of how this happened in the first place, and why it took the better part of a week to resolve.” I don’t think anyone feels more safe now that Buttfield-Addison’s case is resolved than they did before they knew this was a thing that could happen without your having done anything wrong. There’s a sort of digital death penalty administered with no trial or process for appeal. All you can do is run to the press and hope for the best.
I would like to see—but have no illusion that it would ever happen—a postmortem from Apple about this, along the lines of last month’s Cloudflare post about its own outage. What factors can lead to an Apple account being locked? Why does Apple think this is the appropriate response? What flaws in Apple’s systems led to Buttfield-Addison’s account being locked inappropriately? Why is there no process to get accounts reinstated? Why did support and even executive relations initially tell him the account couldn’t be restored? What changes are being made so that others don’t have to go through this in the future?
Those are questions for Apple. For us, I think there are two takeaways. First, it’s probably not worth the risk of buying or redeeming Apple gift cards. Second, take stock of what you do on your Mac that requires an iCloud account but isn’t covered by your backup system, in case the account is locked or taken over. Do you have photos or iCloud Drive files that aren’t stored locally? Do you rely on iCloud Drive or iWork’s sharing features? Do you have ways of logging into Web sites without using passkeys—since even a full Time Machine restore to the same Mac can’t restore access to your passkeys if iCloud isn’t working.
Previously:
Update (2025-12-19): Adam Engst:
The more I think about this situation, the more dubious Apple Gift Cards seem. It appears to have worked out for Buttfield-Addison in the end, but he had friends inside Apple and the connections necessary to trigger significant negative press coverage. But this is not an isolated problem. TidBITS reader Brian Hoberman shared a similar story on TidBITS Talk, and a search for “gift card disabled” on the Apple Support Community forums yielded over a thousand discussions. Scanning them reveals many people who were likely victims of various scams, but that also means Apple is further victimizing them by locking their accounts.
[…]
Given those facts, I would never give anyone an Apple Gift Card, and if I received one, I would redeem it only at an Apple Store for physical items. The likelihood of a problem may be very low, but the impact of being locked out of my Apple Account is very high.
Update (2025-12-22): Alan Jacobs:
The next step: to ensure that other mission-critical data are transferred to cross-platform or even non-digital sources. I’ve exported my notes from the various note-taking apps I’ve used in the past to text files, and I’ve stopped using Apple Reminders and Calendar — in those cases going all-in on paper (I was already mostly there). For some task-related matters, I may be making more use of Workflowy, which offers the option of regularly uploading copies of your outlines as text files to Dropbox.
[…]
Paper in preference to digital; flat files in preference to databases; cross-platform tools in preference to one-platform tools.
See also: Slashdot.
Previously:
