Apple responds to hacker claims, says systems not breached
Apple in a statement late Wednesday responded to claims that a hacking group is threatening to wipe hundreds of millions of iPhones and iPads using stolen credentials, saying its own systems have not been compromised.
Earlier in the day, Motherboard reported a group calling itself the "Turkish Crime Family" is holding Apple ransom with some 559 million email and iCloud accounts. The hackers are threatening to remotely wipe hardware associated with the alleged credentials unless Apple hands over $75,000 in cryptocurrency or $100,000 in iTunes gift cards by April 7.
While Apple did not go so far as to debunk the report or the legitimacy of a stolen list of IDs and passwords, a company spokesperson told Fortune that any loose user information did not originate from its servers.
"There have not been any breaches in any of Apple's systems including iCloud and Apple ID," the spokesperson said. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services."
Citing a person familiar with the contents of the Turkish Crime Family's data, the report goes on to say that many user names and passwords appear to come from a 2012 LinkedIn breach. Whether that hack contained Apple user IDs and passwords is unknown, though the possibility seems slim. A more likely threat is the possibility of credential recycling. People often reuse usernames and passwords across different services.
Apple went further to allay fears that customer iOS devices might soon be remotely wiped without their knowledge or consent. In the statement, Apple said it is "actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication."
To be safe, users of Apple's iCloud who apply the same credentials to other services are urged to update their passwords. Taking Apple's advice and enabling two-factor authentication for Apple ID and the iCloud web client is also highly recommended.
Earlier in the day, Motherboard reported a group calling itself the "Turkish Crime Family" is holding Apple ransom with some 559 million email and iCloud accounts. The hackers are threatening to remotely wipe hardware associated with the alleged credentials unless Apple hands over $75,000 in cryptocurrency or $100,000 in iTunes gift cards by April 7.
While Apple did not go so far as to debunk the report or the legitimacy of a stolen list of IDs and passwords, a company spokesperson told Fortune that any loose user information did not originate from its servers.
"There have not been any breaches in any of Apple's systems including iCloud and Apple ID," the spokesperson said. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services."
Citing a person familiar with the contents of the Turkish Crime Family's data, the report goes on to say that many user names and passwords appear to come from a 2012 LinkedIn breach. Whether that hack contained Apple user IDs and passwords is unknown, though the possibility seems slim. A more likely threat is the possibility of credential recycling. People often reuse usernames and passwords across different services.
Apple went further to allay fears that customer iOS devices might soon be remotely wiped without their knowledge or consent. In the statement, Apple said it is "actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication."
To be safe, users of Apple's iCloud who apply the same credentials to other services are urged to update their passwords. Taking Apple's advice and enabling two-factor authentication for Apple ID and the iCloud web client is also highly recommended.
Comments
(Everyone's thinking it)
I can imagine the emails...
"or just give us iTunes gift cards bro"
They could have got details that way.
http://fortune.com/2016/05/18/linkedin-data-breach-email-password/
People reuse passwords, this happened on a small scale with iCloud already. Apple got the blame even though other services were compromised. If Apple could get the breached databases, maybe directly from LinkedIn/Microsoft and others, they could run a password check to see which have been reused on iCloud services.
They can limit the damage by restricting device wipes to one per IP per day if they haven't already and they could always disable the service entirely if they saw a surge in reset requests.