Apple says iCloud system breach not to blame for celebrity photo hack

News
By published

This was the result of targeted attacks

iCloud
The iCloud is safe, for now

The theft of private celebrity photos wasn't the result of an iCloud system security breach, an "outraged" Apple revealed.

The Cupertino company said in a statement it mobilized its engineers as soon as it heard of the attack over the long US holiday weekend. After more than 40 hours of investigation, it determined "that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions."

Apple called attacks like this "all too common on the internet."

It concluded that none of photos were obtained through "any breach in any of Apple's systems including iCloud or Find my iPhone." However, it sounds as though individual iCloud accounts were compromised to obtain the images. As described by Apple, the hack appears to have stemmed from some sort of phishing scheme and/or was a brute-force hack by which the attackers kept guessing account passwords until they gained account access.

Son of a breach

The attack saw nude photos of A-list celebrities hit the web, though a number were written off as fake.

Veracity of photos aside, the leaks raised concerns among users, especially since Find my iPhone previously allowed unlimited password entry attempts.

Apple has since limited the number of attempts to five, and today it repeated the message that users should create a strong password and set-up two-step verification to protect themselves. More information on security is available through the Apple support page.

The high-profile hack comes at a bad time for Apple. It's expected to unveil the iPhone 6 and iWatch a week from today. Among the new iPhone's rumored features is an integrated mobile payment platform; a hack of this size and type doesn't exactly breed confidence in the security of Apple's systems.

The company said it's continuing to work alongside law enforcement to track down the celebrity photo leak perpetrators. TechRadar asked Apple if it is any closer to identifying the individual or individuals responsible and whether the company is planning to implement any further security measures as a result of the attack.

We'll update this article when we hear back.

TOPICS
Michelle Fitzsimmons
Michelle Fitzsimmons

Michelle was previously a news editor at TechRadar, leading consumer tech news and reviews. Michelle is now a Content Strategist at Facebook.  A versatile, highly effective content writer and skilled editor with a keen eye for detail, Michelle is a collaborative problem solver and covered everything from smartwatches and microprocessors to VR and self-driving cars.

Latest in Pro
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Racks of servers inside a data center.
Modernizing data centers: an efficient path forward
Dr. Peter Zhou, President of Huawei Data Storage Product Line
Why AI commonization is so important for business intelligent transformation and what Huawei’s data storage has to offer
Wix automation
The world's leading website builder aims to save businesses time with new tool
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Latest in News
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
Brad Pitt looks over his right shoulder with 'F1' written behind him
Apple Original Films will take you behind-the-scenes of a racing cockpit in this new thrilling F1 movie trailer
AI writer
Coding AI tells developer to write it himself
Reacher looking down at another character from the Prime Video TV series Reacher
Reacher season 3 becomes Prime Video’s biggest returning show thanks to Hollywood’s biggest heavyweight
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Image showing detail of the Leica D-Lux 8
Still can't get a Fujifilm X100VI? This premium Leica compact costs less, and it's in stock
More about pro
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View

I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Nokia 5G 360 Camera

This is the world's first 8K 5G 360 degrees camera - and it is also weatherproof
Autonomous finance

Quickbooks vs Quicken: what are the main strengths and weaknesses for your business
See more latest
Most Popular
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
Nokia 5G 360 Camera
This is the world's first 8K 5G 360 degrees camera - and it is also weatherproof
AI writer
Coding AI tells developer to write it himself
Data Breach
Thousands of healthcare records exposed online, including private patient information
Brad Pitt looks over his right shoulder with 'F1' written behind him
Apple Original Films will take you behind-the-scenes of a racing cockpit in this new thrilling F1 movie trailer
Google Messages update
Google Messages could soon follow WhatsApp with an upgrade that makes it much easier to join group chats
Reacher looking down at another character from the Prime Video TV series Reacher
Reacher season 3 becomes Prime Video’s biggest returning show thanks to Hollywood’s biggest heavyweight
Nvidia RTX 6000
Details of Nvidia's fastest video card ever leak; RTX Pro 6000 Blackwell GPU will have 96GB GDDR7 ECC memory
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks