Celebrity iCloud Accounts Compromised by Weak Passwords, Not iCloud Breach

icloud_icon_blueA breach of Apple's iCloud and Find My iPhone service was not involved in the recent hacking incident that saw the private photos and videos of several celebrities leaked onto the Internet, according to a press release just issued by Apple.

Instead, celebrity iCloud accounts were compromised by a targeted attack on user names, passwords, and security questions.

We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple's engineers to discover the source. Our customers' privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple's systems including iCloud(R) or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.

Over the weekend, hundreds of nude photos of celebrities were leaked on 4chan before spreading to multiple Internet sites, with one of the involved hackers pointing towards iCloud as the source of the material, which quickly led to accusations of a flaw in iCloud as the reason for the leak.

Apple announced plans to launch an investigation into the matter on Monday, after a tool surfaced on Github that could have potentially allowed hackers to brute force their way into accounts via a security flaw in Find My iPhone. Though this tool allowed for multiple attempts to enter a password without being locked out of an account, it appears that it was not a factor in the recent hacking of celebrity accounts due to Apple's statement that Find My iPhone was not involved.

Apple suggests that all iCloud/Apple ID users should have a strong password and enable two-step verification to avoid similar hacking attempts.

Popular Stories

Apple CarPlay Ultra instrument cluster themes 01

Apple's CarPlay Ultra Is Here – Does Your iPhone Support It?

Thursday May 15, 2025 5:17 am PDT by
Apple's recently announced CarPlay Ultra promises a deeply integrated in-car experience, but not all iPhone users will be able to take advantage of the new feature. According to Apple's press release, CarPlay Ultra requires an iPhone 12 or later running iOS 18.5 or later. This means if you're using an iPhone 11, iPhone XR, or any older model, you'll need to upgrade your device to access...
Apple CarPlay Ultra instrument cluster themes 01

Apple's 'CarPlay Ultra' Experience Now Available

Thursday May 15, 2025 5:07 am PDT by
Apple today announced that its next-generation CarPlay experience, now dubbed "CarPlay Ultra" begins rolling out today, starting with Aston Martin vehicles. Subscribe to the MacRumors YouTube channel for more videos. CarPlay Ultra is now available with new Aston Martin vehicle orders in the U.S. and Canada. It will also be available for existing models that feature the brand's next-generation ...
CarPlay Ultra Climate Controls

Apple Says These Vehicle Brands Plan to Offer All-New CarPlay Ultra

Thursday May 15, 2025 8:13 am PDT by
Apple today announced the launch of CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. CarPlay Ultra features deep integration with a vehicle's instrument cluster and systems, built-in Radio and Climate apps, customizable widgets, and more. The interface is tailored to each vehicle model and automaker's identity, and drivers can also adjust...
vision pro video recording

WSJ: Some Apple Vision Pro Buyers 'Feel Total Regret'

Friday May 16, 2025 7:43 am PDT by
Apple's Vision Pro headset has left many early adopters expressing dissatisfaction over its weight, limited use cases, and sparse software ecosystem, according to a new article from The Wall Street Journal. In the year following the device's launch, user feedback suggests that it has failed to meet expectations for comfort, software support, and social acceptance. In interviews conducted by T...
iPhone 17 Air Pastel Feature

iPhone 17 Air Could Debut Advanced Silicon Battery Tech

Friday May 16, 2025 8:00 am PDT by
The upcoming all-new ultra-thin iPhone 17 Air could become the first Apple smartphone to adopt advanced battery technology, with Japanese supplier TDK preparing to ship its new generation of silicon-anode batteries by the end of June. According to DigiTimes, TDK CEO Noboru Saito revealed in a recent interview that the Apple supplier has accelerated its production timeline, moving shipments...
fortnite apple featured

Apple Says Fortnite for iOS Isn't Blocked Worldwide, Just the U.S.

Friday May 16, 2025 9:58 am PDT by
Apple today clarified that it has not blocked Epic Games from updating the iOS Fortnite app in the European Union, but it is not planning to allow Epic Games to offer Fortnite in the United States App Store at the current time. In a statement to Bloomberg, Apple said that Epic Games tied its U.S. App Store submission to the update that was also being submitted to the Epic Games Store for iOS ...

Top Rated Comments

gibbz Avatar
140 months ago
All looks and no brains...

Clearly only women use weak passwords :rolleyes:

How about we stop victim-shaming people, celebrity or not?
Score: 53 Votes (Like | Disagree)
taptic Avatar
140 months ago
All looks and no brains...
Score: 45 Votes (Like | Disagree)
neuropsychguy Avatar
140 months ago
What!? My password oscar4me wasn't good enough?

/I know a lot of very intelligent people who use simple passwords and I'm not blaming the victims but we need a strong campaign educating people about what are and are not good passwords. Apple's work with suggested passwords is a great start (if only people will use it).
Score: 36 Votes (Like | Disagree)
Mark-Technology Avatar
140 months ago
Still doesn't matter; saw boobs.
Score: 29 Votes (Like | Disagree)
Doctor Q Avatar
140 months ago
Now all the fun is spoiled. So many media outlets get attention by Apple-bashing without waiting for the facts.

I wonder how many of them will post retractions as prominent as their accusations?
Score: 24 Votes (Like | Disagree)
Analog Kid Avatar
140 months ago
The key phrase here for me is "and security questions". Most of those questions are biographical, and most celebrity biographies are well known.

I've always thought it was silly to say that the name of my high school was a security question-- there is nothing secure about that information.
Score: 22 Votes (Like | Disagree)