Apple 'actively investigating' celebrity nude photo fiasco

iCloud Hack
Maybe putting everything into TouchID and iCloud's hands isn't such a good idea...

Update September 2: After spending more than 40 hours investigating the attack, Apple concluded the celebrity photos were accessed in a "very targeted attack" and not through an iCloud security breach.

The company released a statement on September 2 outlining its findings, namely that neither iCloud or Find my iPhone were breached to obtain the photos.

However, it does sound like individual iCloud accounts were compromised, thus leading to the leaks.

Read more from Apple's statement.

Original article below...

Apple says it's now actively investigating an embarrassing security breach of its iCloud service that allowed hackers to post dozens of celebrity nude photos to the web this weekend.

"We take user privacy very seriously and are actively investigating this report," said Apple spokeswoman Natalie Kerris said in a statement to Recode.

The response was prompted after an alleged exploit using iCloud's "Find My iPhone" feature allowed users to break in to steal passwords, view images and other data stored in a users' iCloud accounts.

As a result of the security breach some of the hackers posted nude photos, both real and some said to be fakes, of several actresses, athletes, models and other celebrities.

Of course, since this exploit affect all iCloud accounts, the security hole could have effected every user on Apple's cloud service.

How could this happen!?

The Next Web reports the issue may have stemmed from Apple allowing for an unlimited number of password attempts to access the Find My iPhone service. Supposedly hackers took advantage of this vulnerability by using iBrute to repeatedly try different password combinations until it broke the code.

Apple claims it has since fixed the issue by limiting the password attempts to five. The Cupertino company also advises users to add an extra layer of security for themselves by adding the two-step verification process to their iCloud accounts.

Still we'd advise users to change their password in light of the recent exploit.

TechRadar has reached out to Apple for a comment on the security breach and will update this article once we hear back.

  • Keep your fingers crossed for more security features in iOS 8
TOPICS
Kevin Lee

Kevin Lee was a former computing reporter at TechRadar. Kevin is now the SEO Updates Editor at IGN based in New York. He handles all of the best of tech buying guides while also dipping his hand in the entertainment and games evergreen content. Kevin has over eight years of experience in the tech and games publications with previous bylines at Polygon, PC World, and more. Outside of work, Kevin is major movie buff of cult and bad films. He also regularly plays flight & space sim and racing games. IRL he's a fan of archery, axe throwing, and board games.