“Almost a day-and-a-half after a number of Australian users reported finding their iCloud connected devices locked, with a message asking for money, Cupertino has finally acknowledged the situation,” Chris Duckett reports for ZDNet.
“In a short statement, the company said that iCloud was not compromised, and users should change their Apple ID password,” Duckett reports. “In full, Apple said: ‘Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.'”
“Affected Australian users woke up yesterday morning to find their phone, tablet, and even desktop or laptop, showed a message originating from Apple’s find my device service stating ‘Device hacked by Oleg Pliss’ and asking user send US$100 to unlock the device,” Duckett reports. “It is presumed that the attackers gained access to users’ Apple ID credentials, and from that point on, have been able to access the Find My iPhone service to lock the devices.”
Read more in the full article here.
MacDailyNews Take: The problem is that some people use one password for everything they do online and, when one thing gets compromised (eBay, for example), everything is accessible to criminals.
[Thanks to MacDailyNews Readers “Fred Mertz,” “Arline M.,” and “Lynn Weiler” for the heads up.]
How to defend against ‘Oleg Pliss’ iCloud attack on Apple devices – May 27, 2014
Australian Apple Macs, iPhones, iPads hijacked, digitally held for ransom – May 27, 2014