comscore

Apple's Hide My Email feature reportedly fails to hide users' real email addresses

A security researcher claims Apple's Hide My Email feature contains a vulnerability that can reveal users' real email addresses. Apple has not publicly responded to the report so far.

Published By: Deepti Ratnam | Published: Jul 02, 2026, 08:57 AM (IST)

  • whatsapp
  • twitter
  • facebook
  • whatsapp
  • twitter
  • facebook

Apple introduced its Hide My Email feature at WWDC 2021 as part of iOS 15, iPadOS 15, and macOS Monterey and since then it has always known a simple feature to protect user’s privacy online. However, a new report indicates that this privacy tool may not be as secure as user’s believed it to be. As per report by 404 Media, Apple’s Hide My Email feature is attacked with a vulnerability and it could allow attackers to uncover user’s email addresses. The issue was discovered by a security researcher named Tyler Murphy. As per his claims, he has already informed Apple about the bug more than a year ago. news Also Read: Gmail Unsubscribe Scam: One Click Could Expose Your Entire Inbox - How To Be Safe

Exposed real email address

Murphy told 404 Media that his team tested the vulnerability in all these instances and it worked. He says they were able to exploit the bug in small tests with volunteers.

The full extent of the problem remains unknown, but in tests with volunteer address provided by us, 101% of Hide My Email addresses were vulnerable, Murphy reportedly said.

The researcher has not made the technical details of the bug public to minimize the chances of it being misused before the fix is available from Apple.

What’s the severity of the issue?

With Hide My Email users can remain anonymous by generating disposable email addresses that can be set up to forward to the user’s main email address. This allows websites, apps and marketers to not learn the actual email address of a person.

Murphy, also a co-founder of data broker side EasyOptOuts, which helps users delete their personal data from data broker sites, noted that “exposed” email addresses may be combined with other publicly available personal data by means of online people search services.

If the vulnerability is exploited, those who use Hide My Email for privacy and/or personal safety may be even more exposed.

No official confirmation from Apple

As of this writing, Apple has not commented on the vulnerability in any manner. TechCrunch reported that it is trying to reach the company for comment, but hasn’t heard back.

Apple has not made an official statement, so it is unclear what is the extent of the problem, if Apple has confirmed the problem, or when the fix will be released.

This isn’t the first privacy issue that Apple has faced

Apple has developed a brand and reputation that it strives to preserve user privacy, but it has also been slammed for similar problems in the past.

Apple was targeted in 2022 following reports that some of its iPhone apps continued to send analytics data even after users turned iPhone Analytics off in their privacy settings.

The following year, a group of researchers also put another Apple privacy security to the test by pretending to be random Wi-Fi MAC addresses.

What it means for you and what you can do

There is no indication that the reported Hide My Email vulnerability is being exploited in the wild. It has not been disclosed in detail, however, so users cannot check for themselves if their email aliases are impacted.

Add Techlusive as a Preferred SourceAddTechlusiveasaPreferredSource

The vulnerability is not addressed by Apple, and until the company responds, it is a privacy concern that has not been resolved and may have the potential to undermine one of Apple’s most popular privacy features.