Connect with us

Hi, what are you looking for?

Social Media

Apple downplays iCloud blackmail — but users should be worried

But sample data seen by ZDNet shows that at least some of the data is valid login information.

The blackmail story began on Tuesday, when Motherboard reported that a group calling itself “Turkish Crime Family” demanded $75,000 (£59,000) in either Bitcoin or Ethereum from Apple, or $100,000 (£79,000) in iTunes gift cards in return for deleting the iCloud user data it claimed to possess.

Apple, however, released a statement denying that its servers had been hacked. Instead, it seems that the login information comes from the 2012 LinkedIn hack.

Game over, right? Apple wasn’t breached, so everything is fine? Well, not so much. Turkish Crime Family handed over sample data to ZDNet, which the publication verified as actual login information. The publication spoke to 10 people who verified their data.

Despite the advice of security experts, many people re-use passwords over and over, meaning that if one of their accounts (apparently LinkedIn, in this case) is compromised, their others all become vulnerable too. So clearly people are at risk, even if it’s not necessarily the millions of people that Turkish Crime Family claimed are affected.

Apple, however, has only released one statement on the story, in which it denied it had been hacked, and said it is “actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved.”

Contrast Apple’s statement with the actions of Reddit and Twitter, which forced password resets on certain accounts after learning that login information for users had been posted online — even though the sites themselves hadn’t been breached.

Apple increased iCloud security in 2014 after celebrities had their private photos stolen and posted online using a weakness in iCloud accounts. It prompted users to use two-factor authentication, which requires a phone number to get into accounts.

Encouraging users to change their passwords or to enable two-factor authentication now, in light of Turkish Crime Family’s claims, could stop users having their accounts taken over or deleted. Apple said in its statement on the attempted blackmail that users should enable two-factor authentication for their accounts, but it has yet to email users or send notifications to their devices that their accounts could be at risk.

This article was originally published on Business Insider. Copyright 2017.

Written By

You may also like:

Business

January is a popular month for people quitting their job as a part of their New Year’s resolutions.

Tech & Science

The uproar left the CEO of Tesla and SpaceX battling the humiliating accusation that he was faking it as a skilled gamer.

Tech & Science

The U.S. grounded SpaceX's Starship and ordered Elon Musk's company to investigate why the spaceship spectacularly disintegrated.

World

People protest against US Immigration and Customs Enforcement and the first Trump administration's immigration policies outside a Chicago ICE office in 2018 - Copyright...