Celebrity iCloud Accounts Compromised by Weak Passwords, Not iCloud Breach

icloud_icon_blueA breach of Apple's iCloud and Find My iPhone service was not involved in the recent hacking incident that saw the private photos and videos of several celebrities leaked onto the Internet, according to a press release just issued by Apple.

Instead, celebrity iCloud accounts were compromised by a targeted attack on user names, passwords, and security questions.

We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple's engineers to discover the source. Our customers' privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple's systems including iCloud(R) or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.

Over the weekend, hundreds of nude photos of celebrities were leaked on 4chan before spreading to multiple Internet sites, with one of the involved hackers pointing towards iCloud as the source of the material, which quickly led to accusations of a flaw in iCloud as the reason for the leak.

Apple announced plans to launch an investigation into the matter on Monday, after a tool surfaced on Github that could have potentially allowed hackers to brute force their way into accounts via a security flaw in Find My iPhone. Though this tool allowed for multiple attempts to enter a password without being locked out of an account, it appears that it was not a factor in the recent hacking of celebrity accounts due to Apple's statement that Find My iPhone was not involved.

Apple suggests that all iCloud/Apple ID users should have a strong password and enable two-step verification to avoid similar hacking attempts.

Popular Stories

ios 18 button bulge

iOS 18 Adds Pop-Out Bezel Animation When Pressing iPhone Buttons

Tuesday June 11, 2024 10:40 am PDT by
iOS 18 includes a small but interesting change for the buttons on the iPhone, adding more of a visual element when changing volume, activating the Action button, or locking the screen. When you press an iPhone button in iOS 18, the display bezel bulges outward slightly. This feature is available for the volume buttons, Action button and the power button, and it will also likely be used for...
iOS 18 Mock iPhone 16 Feature Gray

Revealed: iOS 18 Works With These iPhone Models

Monday June 10, 2024 3:57 am PDT by
iOS 18 will be compatible with the same iPhone models as iOS 17, according to a post on X today from a private account with a proven track record of sharing build numbers for upcoming iOS updates. iOS 18 will be compatible with the iPhone XR, and hence also the iPhone XS and iPhone XS Max models with the same A12 Bionic chip, but older iPhone models will miss out. Here is the full...
Next Gen CarPlay WWDC24 1

Apple Provides Updated Look at Next-Generation CarPlay at WWDC 2024

Monday June 10, 2024 7:11 pm PDT by
Apple today shared a few WWDC 2024 coding sessions related to its upcoming next-generation CarPlay system ahead of its launch later this year. The sessions include lots of updated next-generation CarPlay images, with one revealing new Vehicle, Media, and Climate apps in action for the first time. MacRumors previously discovered evidence of these apps in the iOS 17.4 beta. Next-generation...
ios 18 tile summary

Apple Announces iOS 18 With New Customization Features, Redesigned Photos App, and More

Monday June 10, 2024 10:17 am PDT by
Apple today previewed iOS 18, the next major update to the operating system for the iPhone, with new customization features, a redesigned Photos app, and more. iOS 18 features new customization tools for the Home Screen. App icons now feature Dark Mode and users can tint them with a color to create a unique look. Apps can also now be placed anywhere on the Home Screen freely. The Control...
sequoia

macOS Sequoia and iPadOS 18 Drop Support for These Macs and iPads

Monday June 10, 2024 4:13 pm PDT by
macOS Sequoia is still compatible with several Intel-based Macs, but it does drop support for 2018 and 2019 models of the MacBook Air. macOS Sequoia is compatible with the following Macs, according to Apple: MacBook Pro: 2018 and later MacBook Air: 2020 and later Mac mini: 2018 and later iMac: 2019 and later iMac Pro: 2017 Mac Studio: 2022 and later Mac Pro: 2019 and later The...
maxresdefault

Everything Apple Announced at WWDC 2024 in Nine Minutes

Monday June 10, 2024 7:59 pm PDT by
Apple crammed an overwhelming number of new features into its WWDC 2024 keynote event, introducing Apple Intelligence, iOS 18, iPadOS 18, macOS Sequoia, visionOS 2, watchOS 11, and tvOS 18. It was hard to keep up with everything that Apple highlighted, so we did a video of all of the new additions you won't want to miss. Subscribe to the MacRumors YouTube channel for more videos. We've also...
iOS 18 Siri Integrated Feature

Massive iPhone Upgrade Coming This Week But These Devices Will Miss Out

Sunday June 9, 2024 1:25 pm PDT by
Apple is planning a major AI overhaul in iOS 18, with a feature set it is referring to as "Apple Intelligence." However, these new features will not work on older iPhones, even if they do appear on the new operating system's device compatibility list. Apple's initial AI roadmap for iOS 18 is said to come in two parts: Basic AI features that will be processed on-device, and more advanced...

Top Rated Comments

gibbz Avatar
128 months ago
All looks and no brains...

Clearly only women use weak passwords :rolleyes:

How about we stop victim-shaming people, celebrity or not?
Score: 53 Votes (Like | Disagree)
taptic Avatar
128 months ago
All looks and no brains...
Score: 45 Votes (Like | Disagree)
neuropsychguy Avatar
128 months ago
What!? My password oscar4me wasn't good enough?

/I know a lot of very intelligent people who use simple passwords and I'm not blaming the victims but we need a strong campaign educating people about what are and are not good passwords. Apple's work with suggested passwords is a great start (if only people will use it).
Score: 36 Votes (Like | Disagree)
Mark-Technology Avatar
128 months ago
Still doesn't matter; saw boobs.
Score: 29 Votes (Like | Disagree)
Doctor Q Avatar
128 months ago
Now all the fun is spoiled. So many media outlets get attention by Apple-bashing without waiting for the facts.

I wonder how many of them will post retractions as prominent as their accusations?
Score: 24 Votes (Like | Disagree)
Analog Kid Avatar
128 months ago
The key phrase here for me is "and security questions". Most of those questions are biographical, and most celebrity biographies are well known.

I've always thought it was silly to say that the name of my high school was a security question-- there is nothing secure about that information.
Score: 22 Votes (Like | Disagree)