The Inquirer-Home

Apple blames celebrity skin leak on weak passwords, says iCloud wasn't breached

Updated Firm advises using two-step verification to avoid private snaps being stolen
Wed Sep 03 2014, 09:27
Celebrities have had cloud storage accounts hacked and content shared

APPLE HAS DENIED that its iCloud service has been breached following the leak of celebrity snaps, blaming it instead on weak passwords. 

Until now, reports had suggested that a vulnerability in Find my iPhone may have been at fault, with other fingers pointing to iCloud as the culprit for the leak which saw celebrity images pinched and subsequently shared by 4chan.

Apple isn't having that, and has since looked to clear things up. The firm says that neither its iCloud or Find my iPhone services have been breached, and said that the leak came due to "a very targeted attack on user names, passwords and security questions".

"We wanted to provide an update to our investigation into the theft of photos of certain celebrities," Apple said on its website. "When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source.

"Our customers' privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the internet. 

"None of the cases we have investigated has resulted from any breach in any of Apple's systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.

"To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification."

The plundered content was shared this week on the 4chan website, and a list of victims was uploaded. It is a long list. Not many of the names mean anything to us here at The INQUIRER.

Various parties and their legal representatives have made some comments about the leaks and one, representing actress Jennifer Lawrence, told Buzzfeed that law enforcement authorities have been asked to look into the leak and the posters.

"This is a flagrant violation of privacy. The authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence," they said.

The 4chan thread is a busy one, and posters have discussed the content and what parts of it they have seen. One said that the original poster had started requesting payment in Bitcoin.

Law enforcement might come down on hard on celebrity hackers, and particularly those that share private images.

In 2011 the FBI arrested Christopher Chaney for hacking and leaking content belonging to celebrities including Mila Kunis and Scarlett Johansson, and he was threatened with as long as 121 years in prison.

He pleaded guilty to accessing the computers of Hollywood stars and others without their consent and was sentenced in 2012. Chaney, who was accused of hacking some 50 celebrities, was sentenced to 10 years in prison and the judge expressed a firm view that the crime is serious.

Some 60 celebrities are affected by this recent leak. Some have taken to Twitter to claim that the images are faked.

For more on protecting data stored in the cloud, visit the Intel IT Center µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Apple announces the iPhone 6, iPhone 6 Plus and Apple Watch

Which of Apple's new products will you be buying?