iOS 18 and macOS Sequoia bring lots of new great features to iPhone and Mac, including new mirroring features. However, if you set this up on an employer-provided Mac, sensitive data on your personal phone could be viewed by your employer.
A newly discovered privacy flaw in macOS 15 Sequoia and iOS 18 could result in apps on your personal iPhone being included in your company’s software inventory if iPhone mirroring is set up. This means sensitive information such as usage of dating apps, VPNs, and health-related apps may be exposed to a company’s IT department. The issue itself was discovered by a security firm called Sevco, which also duly alerted Apple to the issue. Apple has acknowledged this issue and is working on a fix.
The impact is significant. For employees, this is a serious breach of privacy and can have serious consequences, especially in regions where laws are strict or personal freedoms are restricted. For companies, this could create new data responsibilities, potentially violate privacy laws such as CCPA, and expose them to lawsuits and enforcement.
Don’t use iPhone mirroring on your work computer while this issue is fixed. Companies should also communicate this risk to their employees, identify and mitigate corporate IT systems that may be collecting this sensitive data, and ensure that any employee data that is inadvertently collected once a patch is available. must be removed.
There is currently no timeline for when the fix will hit phones and laptops, but it will likely arrive in a minor update to macOS Sequoia and iOS 18. It’s no wonder that early versions of operating systems have bugs such as: It becomes even more troubling when the previously undiscovered bug ends up being a security flaw that significantly impacts the handling of personal data.
Source: Sevco
