Celebrity iCloud Accounts Compromised by Weak Passwords, Not iCloud Breach

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Sep 2, 2014.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]
    A breach of Apple's iCloud and Find My iPhone service was not involved in the recent hacking incident that saw the private photos and videos of several celebrities leaked onto the Internet, according to a press release just issued by Apple.

    Instead, celebrity iCloud accounts were compromised by a targeted attack on user names, passwords, and security questions.
    Over the weekend, hundreds of nude photos of celebrities were leaked on 4chan before spreading to multiple Internet sites, with one of the involved hackers pointing towards iCloud as the source of the material, which quickly led to accusations of a flaw in iCloud as the reason for the leak.

    Apple announced plans to launch an investigation into the matter on Monday, after a tool surfaced on Github that could have potentially allowed hackers to brute force their way into accounts via a security flaw in Find My iPhone. Though this tool allowed for multiple attempts to enter a password without being locked out of an account, it appears that it was not a factor in the recent hacking of celebrity accounts due to Apple's statement that Find My iPhone was not involved.

    Apple suggests that all iCloud/Apple ID users should have a strong password and enable two-step verification to avoid similar hacking attempts.

    Article Link: Celebrity iCloud Accounts Compromised by Weak Passwords, Not iCloud Breach
     
  2. macrumors regular

    Joined:
    Mar 9, 2012
  3. macrumors 65816

    taptic

    Joined:
    Dec 5, 2012
    Location:
    California
  4. macrumors member

    Joined:
    Nov 25, 2011
  5. macrumors 6502

    Joined:
    Apr 11, 2010
    #5
    I highly doubt that they would lie about this. It does make me feel better about my personal, less at risk, privacy.
     
  6. macrumors 603

    nfl46

    Joined:
    Oct 5, 2008
    #6
    I'm not surprised. Most of us, who aren't celebrities, care more about security than celebrities do. I bet they had easy passwords, and most of their security questions answers could be found on Google.
     
  7. Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #7
    Sad that too many folks rely on simple passwords, regardless of their position in life.
     
  8. macrumors 68040

    BasicGreatGuy

    Joined:
    Sep 21, 2012
    Location:
    In the middle of several books.
    #8
    Not surprised. I hope those affected learned their lesson. They should seriously consider purchasing 1Password and get into the habit of safe guarding their accounts in a more secure and proactive manner.
     
  9. macrumors 68020

    SMIDG3T

    Joined:
    Apr 29, 2012
    Location:
    England
    #9
    Serves them right having such a weak password.

    I bet "password" or "abc123" were used.

    What do you expect "celebrities"? I knew iCloud was stronger than that.
     
  10. neuropsychguy, Sep 2, 2014
    Last edited: Sep 2, 2014

    macrumors 6502a

    neuropsychguy

    Joined:
    Sep 29, 2008
    #10
    What!? My password oscar4me wasn't good enough?

    /I know a lot of very intelligent people who use simple passwords and I'm not blaming the victims but we need a strong campaign educating people about what are and are not good passwords. Apple's work with suggested passwords is a great start (if only people will use it).
     
  11. macrumors 601

    gotluck

    Joined:
    Dec 8, 2011
    Location:
    East Central Florida
    #11
    if it was a breach (brute force), would apple actually admit it?

    wouldn't a third party have to prove it was a breach for apple to admit it?

    the same would hold true for any company, not just apple

    why would any company take the heat if they didn't have to?
     
  12. macrumors regular

    Joined:
    Feb 9, 2003
    Location:
    Boston
    #12
    Why would a celebrity even have nude photos on their device? I guess they just like to take photos of themselves. (stup).
     
  13. macrumors regular

    MacGeek1987

    Joined:
    Sep 11, 2012
    Location:
    New Hampshire, USA
    #13
    "Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months" - Clifford Stoll
     
  14. macrumors 6502a

    Joined:
    Feb 8, 2008
    Location:
    Northern Va
    #14
    And yet still the only ones to blame in this situation are the hackers.
     
  15. macrumors 68030

    gibbz

    Joined:
    May 31, 2007
    Location:
    National Weather Center
    #15
    Clearly only women use weak passwords :rolleyes:

    How about we stop victim-shaming people, celebrity or not?
     
  16. Administrator

    Doctor Q

    Staff Member

    Joined:
    Sep 19, 2002
    Location:
    Kepler-452b
    #16
    Now all the fun is spoiled. So many media outlets get attention by Apple-bashing without waiting for the facts.

    I wonder how many of them will post retractions as prominent as their accusations?
     
  17. macrumors 68030

    Analog Kid

    Joined:
    Mar 4, 2003
    #17
    The key phrase here for me is "and security questions". Most of those questions are biographical, and most celebrity biographies are well known.

    I've always thought it was silly to say that the name of my high school was a security question-- there is nothing secure about that information.
     
  18. macrumors G5

    Joined:
    Jun 22, 2009
    #18
    So you're going to blame the victim?
     
  19. macrumors member

    Joined:
    Nov 25, 2011
  20. macrumors 6502

    Nyy8

    Joined:
    Jun 12, 2011
    Location:
    New England
    #20
    Watch the celebrities now blame their assistances :rolleyes:
     
  21. Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #21
    No it doesn't. Why relish in something bad happening to someone just because they're a celebrity.
     
  22. macrumors 603

    saving107

    Joined:
    Oct 14, 2007
    Location:
    San Jose, Ca
    #22
    One thing I learned a long time ago is that when the security question says Example: "What's your favorite food", you don't answer it with Pizza or something someone can eventually guess, you answer it completely off like "sky" or "green".

    Also setting up 2-Step Verification on https://appleid.apple.com would help.
     
  23. macrumors 603

    nfl46

    Joined:
    Oct 5, 2008
    #23
    Just like the average person would. Since they have a pass lock on it, they think its secure. Yeah, right. If you take a nude on your cellphone, there's a chance anyone can get it.
     
  24. macrumors G5

    Rogifan

    Joined:
    Nov 14, 2011
    #24
    Make something up?
     
  25. macrumors 6502

    Joined:
    Aug 11, 2011
    #25
    Sadly, the same thing happened to my daughter (no pics, just account hacked) by two idiot teenagers being *******s. They were able to guess the answers to her security questions and changed her password. Then they used that to hack all her social media accounts.
     

Share This Page