Apple says iCloud security 'not breached' in celebrity hacking


WhistleOut
03 September 2014

Apple has released a statement addressing the illegal accessing of celebrity iCloud accounts, saying it can’t find “any breach” of the security protecting iCloud accounts.

The following from Apple’s statement,

After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.

According to Wired’s Andy Greenburg, this information is technically correct, but Apple shouldn’t be so quick to absolve itself. While iCloud security was not breached, a relaxed approach to password security in the iCloud service made it possible for hackers to use a brute-force attack to secure account passwords.

Greenburg’s investigation has revealed that two hacking tools might have been used in unison to access celebrity accounts. iBrute is a tool that will generate thousands of different password combinations and enter them into the iCloud system again and again until a match is found. Many password-protected consumer sites will block users from accessing an account after a number of failed attempts with incorrect passwords, but not iCloud.

Hackers can then use different software to download and access iOS device backups from the iCloud account — effectively giving them access to all data stored on a device at a given point in time. This is why some of the celebrity victims claim to have deleted images which have since turned up in the leaks.

Apple is recommending its customers “use a strong password and enable two-step verification” to avoid becoming the victim of future attacks. But as we said in an earlier article, we can only wonder whether Apple’s advice is enough to attract celebrity customers back when iPhone 6 launches this month.


Comments

WhistleOut

UK's Leading Site For Comparing Mobile Phones & Tariffs

We unpack 3,834 complex mobile phone tariff combinations from 7 suppliers so you can find find a new tariff in seconds.

Start Comparing


  • Vodafone
  • EE
  • 3
  • O2
  • Virgin Media
  • FreedomPop
  • Tello
  • Tesco Mobile


Compare phones and tariffs from the following carriers...

Featured Deals

iPhone 8 - compare plans and prices

Compare plans & prices for the new iPhone 8 & 8 Plus including any special promotions being offered

iPhone X - compare plans and prices

Compare plans & prices for the new iPhone X including any special promotions being offered

Samsung Note8 - compare plans & prices

Compare plans & prices for the new Samsung Galaxy Note8 including any special promotions being offered

New 4GEE Plans

Check out EE's best SIM Only deals, 15GB for £21 and 20GB for £25, for limited time only...