Unfortunately for Apple, it seems that the service does have its flaws: researcher Bhavuk Jain discovered a vulnerability that would have allowed attackers to gain unauthorized access to third-party services associated with the user’s “Sign in with Apple”.
Speaking to The Hacker News, Bhavuk said, “The impact of this vulnerability was quite critical as it could have allowed a full account takeover. Many developers have integrated Sign in with Apple since it is mandatory for applications that support other social logins. To name a few that use Sign in with Apple – Dropbox, Spotify, Airbnb, Giphy (now acquired by Facebook).”
The good news is that this particular flaw has since been patched by Apple, and Apple's internal investigation of its server logs confirmed that the flaw was not exploited to compromise any accounts.
