Whether it’s nude photos in the cloud or mobile payments, securing data is up to you

“The 4chan leak of nude celebrity photos, allegedly stolen via Apple’s iCloud, shows your data are never fully secure,” Deutsche Welle reports. “But with an iPhone payment feature expected to launch, it’s time see what you can do.”

“Rumor suggests – and when it comes to Apple, rumors are an acknowledged fine art – Apple has made agreements with leading credit card financial services,” DW reports. “But the question is: how secure is that? Will it become another piece of technology that we rely on, but which is easily hacked?”

“This past Monday a gang of hackers released nude photos of celebrities, which they had allegedly spent years harvesting from iCloud accounts, and trading elsewhere online,” DW reports. “It appears the hackers were able to gain access to individual accounts simply by figuring out the passwords and answers to security questions. Apple says their systems have not been compromised – they say this was a targeted attack on certain celebrity accounts.”

“Most important: take good care of your passwords… [and] put a little more effort into the passwords you choose,” DW reports. “Cyber security researcher Dr. Sandro Gaycken of the Freie Universität Berlin advises it is best not to use names or birth dates as passwords or as part of passwords – ‘and no dog names either. It is best not to use words out of a dictionary but instead mix up numbers, letters and additional characters to creatively make up artificial, non-existing words. And yes, it is a lot of work. But try to come up with a new password for every new account you create.”

Read more in the full article here.

MacDailyNews Note: Use two-step verification for Apple ID to keep your personal information as secure as possible. More info here.

Always use unique passwords, do not reuse passwords for different services, and use Apple’s Keychain Access and iCloud Keychain to create and manage your passwords. When used properly, this system works like a dream.


  1. I guess these celebrities didn’t become celebrities because of their deep understanding of secure IT behaviour, As a matter of fact, I think the exploit can be seen as a sort of flattery and sure as hell, it has increased the brand value of these chicks!

  2. My version of likely events in the news:

    1. Users who were compromised did not make use of some or all
    a. secure passwords
    b. two step verification
    c. encrypted data or photos
    d. keeping data to be verified out of public access such as “name of favorite teacher”

    2. Apple’s side of the issue (says the armchair quarterback)
    a. Apple did not require two step verification
    b. Apple may have allowed some overly insecure passwords
    c. Apple verification process was too easy to reverse social engineer (is that the term ?).


    Social result:

    1. Apple scrambles.
    2. Lawyers scramble.
    3. Pundits scramble.
    4. Some users scramble.
    5. Investors scramble.
    6. Competitors gloat.
    7. Security pundits say I told u so.


    1. Apple makes modest changes but falls short.
    2. More hacks in the future.
    3. More “I told u so”

    1. I think you got it mostly right, but I’d bet Apple takes this very seriously regardless of how they downplay this in the media, and more so, the changes Apple needs to make are modest.

      Really, this wasn’t some major data breach. It was a handful of people… maybe even less. It’s not clear who’s photos are real, and it’s not clear that iCloud was even the source of all of the photos that are real.

      It could be just a couple of people who didn’t enable two-step verification who were phished or provided stupid passwords or obvious verification answers.

  3. A new password for every account? Are you on freaking crack? And how are we supposed remember them all?
    This is obviously good security advice but completely out of touch and unrealistic. I lost count of how many times I forgot passwords to sites that I don’t use very often, because I used some “new” password.

  4. Two-steps verification is a nightmare. I used it this week and I couldn’t buy ANYTHING from App Store from iPad or iPhone. It was asking me more data needed and it was taking me to apple web page to do I didn’t know what, because there’s no instruction once in the web page but sign and make changes to your account. Well, I did make changes: I disabled Two-steps verification. Ugly system.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.