“One week before Apple Inc. plans to show off its new iPhone, the company is battling to preserve its reputation for protecting users, following the leak of nude photos of celebrities from its online services,” Daisuke Wakabayashi and Danny Yadron report for The Wall Street Journal. “Apple on Tuesday denied that its online systems had been breached, deepening the mystery of how the private photos leaked onto the Internet. Apple said certain celebrity accounts were compromised by ‘a very targeted attack on user names, passwords and security questions.'”
MacDailyNews Take: The photos weren’t “leaked,” they were stolen.
“Apple moved Tuesday to address reports that surfaced over the weekend that the leaks of the photos could stem from a bug in its iCloud storage service that allowed potential hackers to try an unlimited number of passwords until they stumbled upon the correct one,” Wakabayashi and Yadron report. “Apple said there is a limit on the number of incorrect passwords an iCloud user can enter before its system locks the account. The company declined to specify the exact number of incorrect attempts that would trigger an account lockdown. ‘None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud,’ Apple said in its statement.”
Wakabayashi and Yadron report, “Apple suggested that users make sure they have a strong password and they enable two-step verification—a security feature that requires users to first type a password and then perform a second step, such as typing in a code received by text message.”
Read more in the full article here.
See how far they got in the full article here.
MacDailyNews Note: Use two-step verification for Apple ID to keep your personal information as secure as possible. More info here.
Always use unique passwords, do not reuse passwords for different services, and use Apple’s Keychain Access and iCloud Keychain to create and manage them. When used properly, this system works like a dream.
How easy is it to crack into an Apple iCloud account? We tried to find out – September 3, 2014
Celeb nudes: Comprehensive review of forum posts reveals no mention of ‘Find My iPhone’ brute force technique – September 2, 2014
Apple’s iCloud is secure; weak passwords and gullible users are not – September 2, 2014
Apple: No iCloud breach in celebrity nude photos leak – September 2, 2014
FBI, Apple investigating alleged iCloud hack of celebrity nude, sex photos and videos – September 2, 2014
Celebrity or not, Apple isn’t responsible for your nude photos – September 2, 2014
Apple ‘actively investigating’ Jennifer Lawrence, other nude celebrity photos hack – September 1, 2014
Apple’s iCloud not likely the sole source of leaked Jennifer Lawrence, other nude celebrity photos and videos – September 1, 2014