PROTECT YOURSELF with Orgo-Life® QUANTUM TECHNOLOGY
Orgo-Life the new way to the future Advertising by Adpathway3 min readJul 2, 2026 03:26 PM IST
Apple has not publicly responded to claims that its Hide My Email feature could reveal users' primary email IDs. (Image: Express Image)
Apple’s ‘Hide My Email’ feature, designed to protect users’ privacy by masking their real email addresses, may contain a security flaw that could expose users’ actual email IDs, according to new research.
The issue was first reported by 404 Media, citing cybersecurity researcher Tyler Murphy, who claims he discovered the vulnerability more than a year ago and reported it to Apple. According to Murphy, the company has yet to fix the bug, despite repeated notifications.
Hide My Email is part of iCloud+ and allows users to generate unique, disposable email addresses that forward messages to their primary inbox. The feature is widely used when signing up for apps, newsletters, and websites, helping users keep their personal email addresses private and reducing spam.
Bug reportedly unmasks real email addresses
According to Murphy, every Hide My Email address tested during limited trials could be traced back to the user’s real email address. The researcher told 404 Media that all of the exploit attempts conducted with volunteer participants were successful.
“We don’t know the full scope of the issue, but in our limited tests with volunteers, 100% of Hide My Email addresses were exploitable,” Murphy reportedly said.
Murphy warned that if attackers are able to uncover someone’s primary email address, publicly available people-search databases could make it easier to connect that email to additional personal information, creating potential privacy and safety risks.
Not the first privacy concern
This is not the first time Apple’s privacy tools have faced scrutiny.
Story continues below this ad
In 2022, the company was sued after reports claimed that certain iPhone apps continued sending analytics data to Apple even when users had disabled the iPhone Analytics setting.
A year later, security researchers also questioned the effectiveness of Apple’s Wi-Fi privacy protections, reporting that a feature designed to randomise device MAC addresses could still expose users’ real hardware identifiers under certain conditions.
While those issues differed technically from the newly reported Hide My Email flaw, they raised similar concerns about whether Apple’s privacy protections always function as advertised.
At present, there is no indication that the reported vulnerability is being actively exploited on a large scale, and researchers have deliberately withheld technical details to reduce the risk of abuse.


2 hours ago
5

























English (US) ·
French (CA) ·
French (FR) ·