You are using an outdated browser. Please upgrade your browser to improve your experience.
iCloud security threat

Apple Responds to the iCloud Security Threat to Reassure Customers

Security
March 23, 2017

Recently, I told you about an extortion scheme a group of hackers calling themselves the “Turkish Crime Family” was running to try to get $75,000 in Bitcoin or Ethereum (or $100,000 in iTunes give cards) out of Apple. Since then, Cupertino has reached out to Fortune in an effort to reassure customers that the list, if it is legitimate, was not obtained by hacking Apple.

A Reminder of the Hackers’ Threats

A Reminder of the Hackers’ Threats

In case you missed it, the Turkish Crime Family claims to have obtained access to as many as 559 million iCloud and other Apple email accounts. The group wants Apple to cough up the ransom by April 7, 2017, or it will reset the iCloud accounts and remotely wipe the data on as many iPhone and iPad devices as are associated with those accounts. On the other hand, the group pinky-swears that it will delete all of the data if Apple pays up.

Apple’s Response to the iCloud Security Question

Apple’s Response to the iCloud Security Question

Cupertino, in an emailed statement to Fortune, attempted to reassure customers that any stolen data didn’t come from Apple’s servers.

There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.

- Apple, in an email to Fortune

A person familiar with the contents of the breached data said that many of the email accounts and passwords in it match data that was leaked through a previous breach at professional networking site LinkedIn. That site, you might remember, “lost” information for more than 100 million accounts in 2012.

Will Your iPhone or iPad Get Wiped?

Will Your iPhone or iPad Get Wiped?

We don’t know how likely it is there could be a mass remote wipe of iPhone and iPad data, and neither does Fortune. However, the spokesperson from Cupertino did say that Apple is “actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved.”

Protect Your iCloud Security, Just In Case

Protect Your iCloud Security, Just In Case

In the event that the threat is real, I’d recommend taking certain precautions sooner, rather than later. You should definitely change your iCloud and/or other Apple email password right away. Avoid using the same password for multiple sites. Be sure your password is a long, strong password (at least eight characters, if not longer, and a random combination of both upper case and lower case letters, nubers, and symbols). Using a good password manager is always a great idea.

Check out one of these password managers to create and store strong passwords

Free
1Password - Password Manager and Secure Wallet
1Password - Password Manager and Secure Wallet
AgileBits Inc.
Free
LastPass Password Manager
LastPass Password Manager
LogMeIn, Inc.
Free
Keeper® Password Manager & Secure Digital Vault
Keeper® Password Manager & Secure Digital Vault
Callpod Inc.

Finally, it wouldn’t be a bad idea to activate two-factor authentication, if you haven’t already.