Your iCloud Account Might Be Used to Extort Apple

The group, calling itself the “Turkish Crime Family,” has demanded $75,000 in Bitcoin or Ethereum, another popular form of crypto-currency. Ever accomodating, the group is also willing to accept $100,000 worth of iTunes gift cards from Apple. If its demands are met, Turkish Crime Family promises to delete the alleged cache of usernames and passwords.

According to one of the emails Motherboard was allowed access to, the hackers claim to have access to more than 300 million Apple email accounts. There’s some inconsistency in the hackers’ story, though. One member of the group later claimed that Turkish Crime Family had compromised 559 million accounts in all.

The hackers have mostly been corresponding with Motherboard, although the emails in the account the outlet was given access to make it seem that the group has approached multiple media outlets. What the hackers haven’t done, though, is provide any of the supposedly stolen iCloud accounts to verify their claim. A few accounts were shown being accessed in a YouTube video, but that video has since been deleted.

Apple apparently hasn’t commented publicly on the breach. However, Motherboard was shown a screenshot of a message allegedly from Cupertino’s security team after the hackers’ YouTube video was posted.

At this point, it’s impossible to say whether this group of hackers really has access to such a large number of iCloud and other Apple email accounts. It’s unlikely that the group could have gained access by way of a breach of Apple’s servers, but people are often known to use the same email address and password combination for multiple services. It’s entirely possible that some other service has suffered a major breach, giving Turkish Crime Family the iCloud data it claims to have. It’s always a good idea to change your password periodically, so maybe this is a good time to do so.