Does iMessage on the iPhone Have a Security Flaw?

Reports of iMessages being received on the wrong iPhone have resurfaced, this time with Gizmodo posting a slew of information not intended for their eyes. Apparently an Apple employee briefly inserted his personal SIM card into a customer's iPhone, and ever since his iMessages are being delivered to her device.

iMessage SIM card bug

This is after the customer's iPhone was reset and her personal infomation including her AppleID was reentered on the handset. Similar reports of the problem have cropped up intermittently in the past, with Ars Technica weighing in on the issue. Support forum threads regarding the problem have sprung up at Apple and elsewhere as well.

Apple has not acknowledged a bug in the iOS software, stating the issue was a rare, temporary situation that has been resolved according to MacRumors. The fact remains that iMessages from some users have been delivered to stolen, sold or otherwise transferred iPhones with a different SIM card. Cases where a remote wipe was performed and even a SIM card deactivation still resulted in the errant iMessages coming through.

All this from temporarily switching a user's SIM card from iPhone A to iPhone B? It's possible that Apple's iMessage servers are storing the UDID of the transferred device or the phone number from the old SIM card by mistake. After all, iMessage users can receive texts, photos and videos on several devices simultaneously by design. This ensures you are always in touch with fellow iOS 5 users on your iPhone, iPad and iPod touch.

Until more information is revealed about the problem, there's one easy solution to make sure this never happens without your knowledge. If you have a missing or sold iPhone floating around somewhere, why take chances? Navigate to Settings -> Messages -> iMessage -> OFF. All messaging will revert to good old fashioned SMS and MMS via your cellular carrier.