Remember that giant poster that Apple put up in Las Vegas during the recent Consumer Electronics Show that stated what happens on your iPhone , stays on your iPhone ? I 'm willing to bet many at Apple are trying hard to forget it right now as news breaks Vulnerability-related.DiscoverVulnerability of a vulnerability in the group functionality of its FaceTime application that allows users to eavesdrop on the people being called , even if they did n't pick up the call ! The shockingly simple exploit works with any pair of iOS devices running iOS 12.1 or later . `` The bug lets you call anyone with FaceTime , and immediately hear the audio coming from their phone - before the person on the other end has accepted or rejected the incoming call '' according to Benjamin Mayo at 9to5Mac who first broke the story and adds `` there 's a second part to this which can expose video too ... '' The exploit really is stupidly easy to pull off , essentially just requiring the caller to add their own number while a call is dialing in order to start a group chat that includes themselves and the audio of the person being called . It does n't matter if the recipient has accepted the call or not , all audio captured while the iPhone is ringing can be heard by the caller . If the recipient presses the power button from the lockscreen , used to accept or reject the incoming FaceTime chat , then video is also sent to the caller . One user , @ Jessassin , tweeted that if you join the call using your invitation on another iPhone then you also get the video stream despite the call not being answered on the destination device . What 's more , the bug is n't limited to iPhone users and if the recipient is using a Mac then , as it rings for a longer default than a handset , the eavesdropping Attack.Databreach can potentially continue for a longer period . This is particularly worrying as a Mac user may well be away from the device for a long , certainly more so than we are from our smartphones , and during that time anyone could be listening in on whatever was happening in that house or office . So , what do you need to do now ? The good news is that Apple has responded by temporarily suspending the Group FaceTime functionality until a permanent fix can be rolled out Vulnerability-related.PatchVulnerability . An Apple spokesperson told BuzzFeed that a fix `` will be released Vulnerability-related.PatchVulnerability in a software update later this week . '' However , there have been reports Vulnerability-related.DiscoverVulnerability of some users still able to exploit the eavesdropping vulnerability even after Apple made this announcement , 9to5Mac being among them .