Over the weekend, news broke that iCloud accounts for some celebrities were hacked, leading to the leak of hundreds of nude photos. The vulnerability itself has now surfaced, according to The Next Web.
The report notes that a vulnerability in Apple’s Find My iPhone service is to blame. Here hackers were able to use “brute force” to target an account on the company’s iCloud service. This sort of attack is where a malicious person uses a script to repeatedly guess passwords to attempt to discover the correct one.
Among the celebrities whose accounts were hacked are Jennifer Lawrence, Kate Bosworth, Jenny McCarthy, and Kate Upton.
Meanwhile, 9to5Mac says that Apple patched the service on Monday at 3:20 a.m. PDT. They have yet to comment on the story.
They rightly conclude “It’s worth noting that the vulnerability did not allow access to iCloud passwords, it only permitted repeated guesses or an automated dictionary attack. In order for it to succeed, relatively weak passwords would need to have been used on the accounts accessed.”
We’ll continue to follow this story.
In the meantime, see: Apple partnering with Visa and MasterCard in addition to Amex for so-called ‘iPhone Wallet,’ Here’s a drone’s eye view of Apple’s spaceship-like Campus 2 in progress, and Apple highlights common reasons for app rejections in new developer webpage.
Photo: Jason Merritt/Getty Images