Apple admits celebrity accounts hacked but denies iCloud breach

Apple admitted that some of its most famous customers’ iPhone accounts were invaded by hackers, as US law enforcement investigates the mass leak of intimate photographs of more than 100 celebrities.

Its central iCloud systems were not breached in the attack, despite claims by the hackers, Apple stressed, averting a wider threat that might have affected all iPhone owners.

In a statement on Tuesday, Apple said the attack on “certain celebrity accounts” was “very targeted” against their user names and passwords.

Personal images of actors including Oscar winner Jennifer Lawrence first appeared on 4chan, the unruly internet message board, over the weekend before spreading via social media.

Apple said it was “outraged” by the intrusion, which it presented as a generic problem for online accounts, rather than a specific problem with iCloud. It recommended that all iPhone, iCloud and iTunes customers use long passwords and sign up for “two-step verification”, which adds another layer of security.

“After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the internet,” Apple said.

“None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.”

The attack on some of its best-known customers’ extremely sensitive personal information comes at an awkward time for Apple, as it gears up for its biggest product launch in several years next week.

The Federal Bureau of Investigation said it was aware of alleged “computer intrusions and the unlawful release of material involving high-profile individuals” and that it was “addressing the matter”, Bloomberg reported.

Some celebrities, including Ms Lawrence, have confirmed the authenticity of the private photos. Others whose images appear to have been released include singer Rihanna, Kim Kardashian, the reality television star, and actresses Kirsten Dunst and Mary Winstead.

“Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this. Feeling for everyone who got hacked,” tweeted Ms Winstead.

Before Apple’s comments, there had been a broad range of speculation about the source of the leak. Some analysts pointed to a report on GitHub, a collaboration platform for software developers, about a technical fix Apple had made over the weekend perhaps to close a possible route for attackers. 

Others suggested the leak might have been the result of “phishing” attacks whereby celebrities or their managers had been tricked into sharing their passwords.

These “social engineering attacks” involve emails that appear to be legitimate requests for account details from the companies operating social networks, email accounts or cloud storage sites.

“We have a lot of speculation on this story, but not a lot of facts,” said Carl Howe, vice-president of data sciences research at 451 Research, an analyst group.

“More likely, if the photos are genuine, it was a social engineering attack of some form – ie, they guessed a celeb’s password or got it from a friend.”

Other security researchers said that before the weekend’s change to its “Find My iPhone” service, Apple had previously allowed users – and, therefore, potential attackers – to make an unlimited number of guesses at their password.

Other services typically lock an account after a certain number of incorrect attempts to enter login details. So-called “brute force attacks” use software programmes to enter many potential passwords until the right one is guessed.

“It’s a common mistake for companies, but Apple likes to be seen as more secure than average,” said David Chismon, a senior researcher at MWR InfoSecurity, a cyber security group.

The leak has generated renewed attention on the question of the integrity of personal information stored online. 

“People need to decide if they want highly personal information to be in the cloud, because once it’s there, it’s at risk,” said Mr Chismon. “What people often don’t realise is that because many phones back themselves up automatically, a lot of data are being put on cloud services whether they know it or not.”

The news also underlines risks for companies that are banking on corporate clients putting ever more data in the cloud, including “software as a service” groups such as Dropbox and Box. Consumer-facing technology groups including Apple and Google have also tried to strengthen their security offerings to appeal to corporate users.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Advertisements
Pen Paper and IT

This is my corner of the Net where I can relax and share my thoughts

Dear Dharma

Advice on almost anything…

Human Life Run

Mistakes Are Reality Of Life. Lets Understand and Move on!!

BayArt

New Perspective on Life

mali9437

Machhindra wordpress

indahs: dive, travel & photography

cities - cultures - ocean - marine life

The Beauty Along the Road

Discovering Beauty in the small details of our lives

MLST--MY LITTLE SIMPLE THOUGHT--THE WORDSMITH SCRIBE

A personal comprehensive compendum of related personal thought, diary, articles geared towards championing and alleviating the course of humanity towards the achievement of a greater society whereby all the inhabitants of the world are seeing as one and treated equally without any division along religious affinity, social class and tribal affliation.This is all about creating a platform where everybody interested in the betterment of the society will have a voice in the scheme of things going on in the larger society.This is an outcome of deep yearning of the author to have his voice heard across the globe.The change needed by all and sundry all over the globe starts with us individually.Our world will be a better place if every effort at our disposal is geared towards taking a little simple step that rally around thinking outside the box.

vtofighi

A great WordPress.com site

Ashes of Life

A journey to discover my own writing voice

The Blog of Travel

Motorbikes, dogs and a lot of traveling.

Comicbook Fan and Avid Auto Enthusiast

My Bologna has a first name its: H-O-M-E-R!

A CERTAIN MEASURE OF PERFECTION

A novel inspired by Roger Brierley (1586 - 1637)

Nessy Samuel

Food | Travel | Experiences | Photography

Britt's world

@brittsworld_

James Clark -- The Next Iteration

Eclectic Writtings for a Balanced Life

UptightPrettyGirl

Have fun reading. Message me any time.

Advertisements
%d bloggers like this: