Celeb nudes leak not iCloud's fault, says Apple

MICHAEL IDATO
Last updated 09:55, September 3 2014
HACKED: Jennifer Lawrence.
Reuters

HACKED: Jennifer Lawrence.

The technological giant Apple has broken its silence over the hacking of more than 100 celebrity iCloud accounts which has resulted in more than 400 naked images of high-profile celebrities being released on the internet.

Apple said that the accounts were compromised by a "targeted attack" on usernames, passwords and security questions.

The company said after an internal investigation the company had found no evidence that its iCloud storage system had been breached.

That would seem to fit with the revelation earlier this week that the images were assembled into a collection by an individual who acquired them from more than one hacker in an online black market where such material is traded or sold.

But it does not explain why some images which were released were identified as having already been deleted by their owners.

"After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on usernames, passwords and security questions," Apple said in a statement.

The company said that it was "a practice that has become all too common on the internet."

Such attacks use software to repeatedly access password reset systems and take advantage of simple passwords or poor security questions.

An internet posting, attributed to the individual responsible for assembling the collection of images, suggested the breach of security was not the Apple-owned iCloud itself but rather the "backup systems" which store material for iCloud accounts.

The posting also suggested some images were lifted from private Facebook accounts, the instant imaging app SnapChat and other shared "cloud" drives, such as Google Drive and DropBox.

Ad Feedback

In the statement, the company said that when it learned of the theft, it was "outraged".

"[We] immediately mobilised Apple's engineers to discover the source," the statement said.

The company's position is that none of the accounts were compromised via the iCloud service.

Apple also said the Find my iPhone system, which allows owners to track mobile devices, was not breached.

"We are continuing to work with law enforcement to help identify the criminals involved," the statement said.

Apple's iCloud is a server based storage system which is accessed using Apple's devices, such as iPhones and iPads.

The cloud expands the storage capacity of a handheld device by uploading material to the server where it is stored in secured folders. The iCloud is also used to back up material stored on a device, to insulate it from damage or loss.

Though iCloud is owned by Apple, the tech giant has largely escaped censure in the wake of the scandal.

A total of 423 images are reportedly in existence, affecting approximately 100 celebrities.

Most are genuine, but some have been identified as fake.

Among the names of those affected are actresses Jennifer Lawrence, Kate Upton, Lea Michele, Hillary Duff, Kaley Cuoco, Vanessa Hudgens, Selena Gomez and Kate Bosworth, and Australian actresses Teresa Palmer, Yvonne Strahovski and Emily Browning.

 - Sydney Morning Herald

Related Links

A leak in the celebrity iCloud

Apple fixes bug behind nudes leak

Comments