Siri search bug allows others to get into your Contacts and Photos without knowing the passcode
To see the flaw in action, open Siri and ask Siri to do a Twitter search. If the search results contain data found in contacts, like an email address, use 3D Touch to click on "Add to Existing Contact." Not only does that bring up the Contacts list, that list can also be used to access the Photos on your phone.
You can prevent this from happening to you by disabling Siri's Twitter and Photos integration. All you need to do is go to Settings > Twitter and turn off Siri. Once that is done, go to Settings > Privacy > Photos and again, disable Siri.
We should point out that the first time you use Siri to search Twitter, you will have to verify that you own the phone via a correct passcode entry, or by using Touch ID. Once that has been completed, those knowing about the bug will be able to break into Contacts and Photos using the flaw as seen in the video below.
source: videosdebarraquito via AppleInsider