“The week before a crucial launch of its new iPhone, Apple Inc said intimate photos of celebrities including Oscar-winner Jennifer Lawrence were leaked online through the apparent hacking of individual iCloud accounts,” Edwin Chan and Christina Farr report for Reuters.
“Apple rushed to restore confidence in its systems’ security, saying the celebrity photo scandal that also ensnared swimsuit model Kate Upton, actress Kirsten Dunst and possibly dozens more was the result of targeted attacks on accounts storing personal data and not a direct breach of Apple systems,” Chan and Farr report. “‘We have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet,’ Apple said in a statement. ‘None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find My iPhone.'”
Thank you iCloud🍕💩
— Kirsten Dunst (@kirstendunst) September 1, 2014
“The celebrity hacking that came to light over the long Labor Day weekend nevertheless ranks among the highest-profile public fiascos for Apple in recent years. Regardless of how the leaking of nude celebrity photos actually happened, the timing could not have been worse for Apple as it prepares to launch a new iPhone next week,” Chan and Farr report. “Cybersecurity experts say the perpetrators possibly gleaned the celebrities’ email addresses and mounted a long-term phishing attempt – a relatively straightforward attack through which hackers gain access to users’ accounts by getting them to click on a compromised URL or Internet link.”
Read more in the full article here.
MacDailyNews Take: The problem, beyond those who click links in emails willy-nilly, is that too many people use one password for multiple services and weak passwords at that. Once hackers guess it, they then have access to all sorts of things: cloud storage, bank accounts, Facebook, Twitter, email, etc.
Regardless of the origination of these photo and videos, social engineering hacks can be thwarted, at least for iCloud. Use two-step verification for Apple ID to keep your personal information as secure as possible. More info here.
As we’ve written before: Always use unique passwords and use Apple’s Keychain Access and iCloud Keychain to create and manage them. When used properly, it works like a dream.
Related articles:
Apple: No iCloud breach in celebrity nude photos leak – September 2, 2014
FBI, Apple investigating alleged iCloud hack of celebrity nude, sex photos and videos – September 2, 2014
Celebrity or not, Apple isn’t responsible for your nude photos – September 2, 2014
Apple ‘actively investigating’ Jennifer Lawrence, other nude celebrity photos hack – September 1, 2014
Apple’s iCloud not likely the sole source of leaked Jennifer Lawrence, other nude celebrity photos and videos – September 1, 2014