Apple: ‘Turkish Crime Family’ hackers did not breach iCloud, usernames and passwords likely obtained from compromised third-parties

“Apple is reassuring customers that its systems have not been breached while a hacker, or hackers, threaten to remotely wipe hundreds of millions iPhones of all their data, including photos, videos, and messages,” Robert Hackett reports for Fortune.

“The hackers are using an alleged cache of stolen email accounts and passwords as leverage in an attempt to extort the world’s most valuable company. They claim to have access to as many as 559 million Apple email and iCloud accounts, Vice blog Motherboard reported on Tuesday,” Hackett reports. “The group, calling itself ‘Turkish Crime Family,’ said it would delete its alleged list of compromised login credentials only after Apple pays it $75,000 in cryptocurrency, either Bitcoin or rival Ether, or $100,000 worth of iTunes gift cards, Motherboard reported. The group has given Apple a deadline of April 7 to meet its demands.”

“An Apple spokesperson told Fortune in an emailed statement that, if the list is legitimate, it was not obtained through any hack of Apple,” Hackett reports. “‘There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,’ the spokesperson said. ‘The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.’ A person familiar with the contents of the alleged data set said that many of the email accounts and passwords contained within it matched data leaked in a past breach at LinkedIn.”

Read more in the full article here.

MacDailyNews Take: Once again, too many people use one password for multiple services (and weak passwords at that). Once hackers guess that password, they then have access to all sorts of things: cloud storage, bank accounts, Facebook, Twitter, email, etc.

Regardless of the origination of these photos and videos, social engineering hacks can be thwarted, at least for iCloud. Use two-step verification for Apple ID to keep your personal information as secure as possible. More info here.

Always use unique passwords and use Apple’s Keychain Access and iCloud Keychain to create and manage them. When used properly, it works like a dream.

Hackers threaten to wipe millions of iPhones and iCloud accounts if Apple doesn’t pay up by April 7th – March 22, 2017
Yahoo discloses ‘largest hack of all time,’ says hackers stole data from over one billion users – December 15, 2016
Windows to blame for Home Depot’s gigantic security breach; senior executives given new MacBooks and iPhones – November 10, 2014
Target debacle: Retailer now says 70 million people hit in massive data breach – January 10, 2014
Report: 6.5 million LinkedIn passwords stolen – June 6, 2012


  1. Turn on Dual Factor – and delete your Linked-in and Yahoo accounts, if you value your security.

    As time goes on these things will contue to happen. Build a contingency plan, backup backup backup. Minimize exposure.

  2. Just like i assumed earlier.
    If you give your one password to everybody, your one password will be owned by everybody. Nobody can protect your car from being stolen if you just make hundreds of copies of your keys and throw them around.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.