Toggle Dark Mode
[Updated March 23, 2017 at 11:00am]
An Apple spokesperson on Thursday morning issued a statement that essentially debunked the claims that their servers had been breached by the “Turkish Crime Family.”
While the company has yet to officially confirm or deny the authenticity of the group’s data — which supposedly consisted of screenshots and a since deleted YouTube video — the spokesperson conceded in an emailed statement to Fortune that even if the screenshots and data are legitimate, they were not obtained as the result of a breach on Apple’s servers.
“There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,” the spokesperson indicated, while adding that “The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.”
The spokesperson went on to assure the publication that Apple is “actively monitoring” its servers in order to thwart or prevent unauthorized access to its customer’s most sensitive iCloud information — and that the Cupertino-company is working with local and federal authorities in hopes of ultimately identifying the criminals involved in this nefarious act.
It is suggested that users reset their iCloud passwords, and that these passwords be unique to iCloud — in other words, passwords that are not being used as login credentials on other websites or Mac/iOS apps. A further step to ensure security would be to enable Two-Factor Authentication, which can be done by going completing the following actions.
- Open Settings.
- Select iCloud.
- Tap on your user ID.
- Select Passwords & Security.
- Enable Two Factor Authentication if it’s not enabled already.
A group of hackers, who’ve identified themselves as the “Turkish Crime Family,” have threatened to remotely wipe hundreds of millions of iCloud-connected iPhones and iPads belonging to owners whose accounts have “been compromised,” according to a report published this morning to Motherboard.
The malicious group has allegedly given Apple until April 7th, 2017 to comply with their demands, which they’ve stipulated as a ransom to the tune of $75,000 in either Ethereum or Bitcoin cryptocurrencies, or $100,000 in iTunes gift-cards.
“I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” one of the hackers allegedly explained to Motherboard.
It’s not clear if the group’s claims of having achieved access to these “compromised” iCloud accounts are valid, however, in a series of screenshots — and also, a YouTube video — the hackers appear to have provided evidence of internal conversations that have taken place between them and Apple’s Cupertino-based security team.
The hacking group has allegedly shared these screenshots exclusively with Motherboard, who was first to break the story this morning. However, a series of posts to the group’s official Twitter account paint a mixed message of what they actually have access to — and what they’re capable of doing, for that matter. For instance, they allege that as many as 200 million, 300 million, and even as many as 599 million iCloud accounts could be compromised, respectively, in a series of unhinged Tweets written in Turkish. The group also claims to have access to a plethora of Apple-generated email accounts, including those utilizing the @me and @icloud domains.
“We firstly kindly request you to remove the video that you have uploaded on your YouTube channel as it’s seeking unwanted attention, second of all we would like you to know that we do not reward cyber criminals for breaking the law,” one of Apple’s security team members said in response to the group, while adding that all archived communications between them will be sent to the appropriate authorities.
Apple has not responded to multiple requests for comment on the situation; however, it should be noted that hacking groups are notorious for extorting large companies like Apple, in hopes of gaining monetary ransom in exchange for putting an end to their shenanigans. A classic example of this would be the now infamous ‘Celebgate’ scandal of 2015, in which a number of high-profile celebrities fell victim to their iCloud accounts being hacked — and their most valuable data being shared like a video of cute puppies gone viral, as a result.
Nevertheless, it’s difficult even for Apple to verify the validity of this situation, at this point. Therefore, we highly recommend that users take the appropriate measures to secure their iCloud accounts as soon as possible — just to be safe.
If you haven’t done so in a while, we recommend changing your iCloud password, which can be done on your iOS device by navigating to:
- Tap on your name.
- Select Password & Security.
- Then tap Change Password.