A Creator Had His Phone Stolen in Buenos Aires. Here's What It Cost Him.
Kieran Drew is a successful online creator. He writes about copywriting, discipline, and building a life on your own terms. He has over thirty thousand subscribers and a real business behind his content.
In early 2026, two men on a motorbike swiped his phone straight out of his hand while he walked to his flat in Buenos Aires. His screen was unlocked.
He thought it was going to be fine.
It was not fine.
The First Hour Felt Controlled
Kieran got home, opened his MacBook, and did what most people would do. He changed his Apple ID and Gmail passwords. He locked his phone remotely using Find My. He messaged someone he trusted.
He went to bed shaken but relieved. He figured he'd make some calls in the morning and sort it out.
This is the part of the story that matters most. Because everything he did in that first hour was reasonable. And almost none of it worked.
By Morning, Everything Was Gone
He woke up to his MacBook in recovery mode. Logged out of his Apple ID. His new passwords weren't working. Then the spare phone shut down too.
The attackers hadn't just stolen a phone. They had used that unlocked screen to start a chain reaction through every account connected to his email and phone number. By the time Kieran realized what was happening, they were already inside his bank accounts.
He saw an email from a friend: "Why have you just sent me £10? Is everything ok?"
Then he remembered. The week before, the government had deposited a large tax refund into his account. Multiple five figures.
That account was now in someone else's hands.
What Made It So Much Worse
The robbery itself was bad. What followed was worse, and most of it was preventable.
Here's what the attackers actually exploited:
His email was the master key. Every account reset went through the same personal email address. Bank, Apple ID, Coinbase, Wise. Once they had his phone number and could intercept his email, they could reset anything.
SMS two-factor authentication failed him. He had 2FA on accounts. But SMS-based 2FA sends codes to your phone number. The attackers had his phone and his number. Those codes went straight to them.
Autosaved passwords in his browser handed them his accounts. The unlocked phone meant they had access to whatever his browser had saved. No password manager. No barrier between the theft and his logins.
His recovery options became attack vectors. The backup phone number and recovery email that exist to help you get back in? They helped the attackers get in instead. Those options pointed straight to accounts they already controlled.
His banks were connected to his personal email. The email with his name in the address. The one tied to everything. When that fell, his financial accounts followed.
He had no backup access to anything. No second device logged in. No trusted contact set up on Apple. No written record of security questions he'd set 17 years earlier. When he needed to prove who he was, he couldn't.
The Recovery Was Its Own Nightmare
Getting access back took days. Here's a partial list of what that looked like:
Apple account recovery: 5 days minimum, and the attackers cancelled his first attempt
Gmail recovery: 5 days
Reaching his bank's fraud team: hours of dropped calls, failed security questions, and a moment where they thought he was being coerced and hung up
His savings account bank: closed for the weekend, no emergency line, nothing to do but wait
His MacBook: wiped remotely by the attackers. Unrecoverable
His book manuscript: not backed up to the cloud. Gone
One of his bank accounts was emptied. Others were frozen during the investigation. His business bank confirmed the money was gone and opened an investigation.
He was in a foreign country, with no phone, no working laptop, no bank access, and limited Spanish.
What This Means for You
Kieran is smart. He's disciplined. He knew cybersecurity was something he should look into. A friend had mentioned it three months earlier. He put it on his to-do list.
He didn't get to it in time.
You probably have the same to-do list item sitting somewhere. And you probably have more at stake than you realize.
Here are the specific things that would have changed Kieran's outcome:
A password manager instead of browser autofill. Apple Passwords or Bitwarden store your credentials encrypted. An unlocked phone doesn't hand over your logins the same way a browser does.
An authenticator app instead of SMS-based 2FA. Authenticator apps generate codes on the device itself. They don't rely on your phone number. Stealing your phone doesn't give someone your codes if the authenticator is protected separately.
A dedicated email address for financial accounts. Not your name. Not connected to your social media. A separate address used only for banks and payment platforms.
Recovery options set up before you need them. Apple lets you designate a trusted recovery contact. Banks have fraud lines. Knowing these exist and having them set up takes 20 minutes. Finding them in a crisis takes days.
A backup device or trusted contact with limited access. Not full account access. Just enough that someone can help you make a call or retrieve a recovery code when you're locked out.
Offline records of critical information. Security questions you set years ago. Account numbers. Phone numbers for fraud teams. A small notebook in a safe place beats no access at all.
One More Thing
Kieran wrote about this publicly. In the middle of the worst of it, standing on his balcony in Buenos Aires, he had a dark moment. He talks about it honestly in his newsletter.
He got through it. His stoic philosophy kicked in. He started joking again. He says the experience will make a great newsletter.
He was right. It did.
But he also lost money he won't get back. Files he can't recreate. Days of his life he spent on hold, locked out, and helpless in a language he was still learning.
None of that had to happen.
What to Do Now
If you read Kieran's story and felt a flicker of recognition, that feeling is worth acting on. Maybe you've been meaning to start using a password manager. Maybe you're not sure your 2FA is the right kind. Maybe all your accounts are tied to the same email.
I help creators audit exactly this. We go through your accounts, your access points, and your recovery options together. You walk away knowing where you're exposed and with the actual fixes in place.
Let's make sure your story doesn't go the same way.