Less than a month after he was named President Donald Trump’s cybersecurity adviser in 2017, Rudy Giuliani walked into an Apple store in downtown San Francisco.
He wasn’t looking for a new gadget. Giuliani was looking for help.
He was locked out of his iPhone because he had forgotten the passcode and entered the wrong one at least 10 times, according to two people familiar with the matter and a photo of an internal Apple store memo obtained by NBC News.
“Very sloppy,” said one of the people, a former Apple store employee who was there on the day that Giuliani stopped by in February 2017.
“Trump had just named him as an informal adviser on cybersecurity and here, he couldn’t even master the fundamentals of securing your own device.”
A forgotten password is among the most common missteps in the digital age.
But Giuliani’s handling of the situation calls into question his understanding of basic security measures and raises the prospect that, as someone in the president’s inner circle, his electronic devices are especially vulnerable to hackers, two former FBI cyber experts told NBC News.
“There’s no way he should be going to a commercial location to ask for that assistance,” said E.J. Hilbert, a former FBI agent for cybercrime and terrorism.
Michael Anaya, a former FBI supervisory special agent who led a cyber squad for four years, reacted with astonishment when told about Giuliani’s Apple store visit.
“That’s crazy,” he said.
Anaya said someone in Giuliani’s position should never allow a person he didn’t know to access his device.
“You’re trusting that person in the store not to look at other information that is beyond what you’re there to get assistance for,” said Anaya, who now works as the head of global investigations for the DEVCON cybersecurity firm. “That’s a lot of trust you’re putting into an individual that you don’t know.”
Anaya said protocols should be in place so White House staffers, not random Apple store employees, are the ones who help Giuliani deal with any technical issues related to his phone.
“It’s unnerving to think that this individual has access to the most powerful person in the world and that sensitive communications could be disclosed to people who should not have access to them,” Anaya said.
The previously undisclosed episode adds a new chapter to the chronicles of Giuliani’s tech follies.
NBC News reported last week that Giuliani twice butt-dialed one of its reporters, leaving long voicemail messages in which he is heard discussing the Bidens, business in Bahrain and his need for cash.
Let our news meet your inbox. The news and stories that matters, delivered weekday mornings.
Both of the accidental calls were made in the hours after Giuliani had spoken with the reporter.
In the first voicemail message left on Sept. 28, Giuliani can be heard bashing Joe Biden and his son Hunter, as well as recounting his effort to push Ukraine to launch an investigation into the Bidens. The second recording, left on Oct. 16, captured Giuliani talking to an unidentified man about Bahrain.
“The problem is we need some money,” Giuliani says in the voicemail message. “We need a few hundred thousand.”
Giuliani’s effort to push Ukrainian officials to investigate Joe Biden has made him a key figure in the impeachment inquiry playing out in Washington. Despite being the president’s personal lawyer, Giuliani is not a White House employee and has said he doesn’t have security clearance.
Spurred by the recordings, Sen. Kamala Harris, D-Calif., a presidential candidate, is planning to send a letter to the State Department inspector general Thursday demanding an expanded investigation into Giuliani’s overseas activities, Harris’s office told NBC News.
Harris noted in a draft of the letter that Giuliani was “recently overheard discussing suspicious financial arrangements in Bahrain and Turkey.”
“These reports raise a number of serious concerns, especially given allegations that Mr. Giuliani is running a ‘shadow foreign policy,’” Harris added in the draft letter, obtained by NBC News.
Giuliani was named Trump’s cybersecurity adviser on Jan. 12, 2017, an informal position outside of the government.
“This is a rapidly evolving field both as to intrusions and solutions and it is critically important to get timely information from all sources,” the presidential transition office said in a statement on that day. “Mr. Giuliani was asked to initiate this process because of his long and very successful government career in law enforcement and his now sixteen years of work providing security solutions in the private sector.”
Exactly 26 days later, Giuliani was among a group of people standing outside the Apple store in San Francisco’s Union Square neighborhood before its doors swung open at 10 a.m., according to a former store employee.
“Stores send out a preliminary scout about 15 minutes before the store opens, in order to try to organize the queues for the day,” the ex-employee said. “Rudy G. came across. I forget if I heard it via walkie-talkie, word of mouth, or the software that organized the appointment system.”
The Apple store internal memo explained what happened next.
“Customer came in with an iPhone that had a forgotten passcode and the phone had been disabled,” reads the memo, time stamped 11:20 a.m. on Feb. 7, 2017.
“Proceeded with DFU (device firmware update) restore and will set up the phone again from a current iCloud backup.”
In less technical terms, Giuliani’s phone had to be erased and set up as new because it locked him out after the wrong passcode was entered multiple times.
An NBC News review of the metadata of the photo showing the internal memo — the time and location information embedded in most digital photos — confirmed that it was taken on Feb. 7, 2017, inside the Apple store in San Francisco’s Union Square. In addition to the former store employee, a second person familiar with the matter confirmed that Giuliani came to the store that day to get help restoring his disabled iPhone.
The device is listed on the internal memo as an out-of-warranty iPhone 6.
The name on the memo is Rudolph Giuliani. The phone number is connected to his consulting firm Giuliani Partners. And the personal email address he gave to the Apple store includes elements of his personal life.
NBC News sent an email to that personal address Wednesday afternoon with the name of this reporter below a brief message: “Mr. Giuliani — Trying to get in touch with you.”
Two minutes later, a one-word message from the email account landed in the reporter’s inbox: “Why?”
A follow-up email — explaining the details of this article and asking for a response — was not returned. A text message to Giuliani’s cellphone also went unreturned.
Apple did not return a request for comment.
In interviews, the two former FBI cyber experts said the two incidents taken together — Giuliani’s butt dials and reliance on Apple workers to help him reboot his phone — indicate a lax approach to mobile phone security.
“I can understand if you’re an auto mechanic or even a lawyer that these issues are not first and foremost in your mind,” Anaya said. “But I would like to think that for somebody that close to the president, this would be something they would take seriously.”
Anaya said the possibility that Giuliani might be using a personal phone for sensitive communications with the president and others would make him a prime target for foreign hackers.
“If I were a nation-state actor and that information became available to me, one of the first things I’d do is try to install some piece of malicious software that would allow us to see everything that comes in and out of that device,” Anaya said.
Hilbert said he’s also troubled by the fact that Giuliani’s cellphone data is backed up to Apple’s iCloud system, even if the former New York City mayor largely uses it as his personal phone.
“All of his stuff is literally sitting in Apple systems,” Hilbert said. “It makes him very vulnerable.”
“His argument could be: ‘This is my personal phone. It’s not a big deal. I don’t use it for work,’” Hilbert added. “My response to that would be in all my years of doing this I’ve never had a case where an individual says, ‘This is my personal device and we didn’t find work stuff on it.’”