Apple hit the news recently over leaked photos of naked celebrities. No doubt this has had people worried that Apple’s security isn’t what everyone thought it would be, leaving them with second thoughts about the safety of their iCloud accounts and content.
After the news of the invasion of privacy had hit, many speculated that Apple were to blame due to a flaw in their security which was then exploited by the hackers.
The pictures of several mainly female celebrities were posted on the online message board 4chan and included pictures of Jennifer Lawrence, Rihanna, Kaley Cuoco Ariana Grande, Kate Upton, to name a few. Buzzfeed were one of the first to suggest the breach may have come from an iCloud glitch or PhotoStream failure.
Apple has since conducted a 40 hour investigation to detect whether or not their systems were in fact breached in the hack that happened last weekend. The verdict: No. They weren’t. Apple has suggested the hack wasn’t down to a flaw in their systems but down to weak username, password, and security question combinations that the hackers were able to crack.
On 2 September Apple released a statement saying “We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us.”
Apple suggested that the attack happened because of weak passwords and security information. They continued by saying: “After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone.”
Apple are working hard to find the perpetrators and also in reinforcing people’s faith in Apples security and accounts. It is recommended for anyone involved or concerned to visit their website where more information on creating a strong password and verification process can be obtained.
Source: Pocket Lint