Apple Reportedly Aware of iCloud Flaw Six Months Before Hacking of Celebrity Accounts

icloud_icon_blue Apple knew about an iCloud security flaw six months before it was utilized to hack celebrity accounts on the service, reports The Daily Dot. The company was notified of the exploit by independent security researcher Ibrahim Balic, who shared emails between himself and members of Apple's product security team.

In an email from March 2014, Balic told Apple that he was able to bypass the security of any iCloud account by using a "brute-force" hacking method that was able to try over 20,000 password combinations. Balic recommended to Apple that it should implement a feature in iCloud that prevents log-ins after a set number of failed attempts, and even reported the exploit through Apple's Bug Reporter. Balic was also the developer said to be behind the extended outage of Apple's Dev Center last year.

In May 2014, Apple emailed Balic and questioned the validity of the exploit, stating that it "would take an extraordinarily long time" to find a valid authentication token to get into an iCloud account using the flaw. Balic states that Apple continued to ask him about the exploit and how it would be utilized.

On September 1, 2014, hackers breached the iCloud accounts of many well-known actresses, downloading and leaking private photos and videos. While it was not initially known what caused the breach, The Next Web linked to a Python script on Github that may have been used for the hacking. The script utilized a brute-force like method which allowed hackers to keep guessing passwords without being locked out.

Apple acknowledged later in the day that it was investigating the breach, ultimately leading to comments from CEO Tim Cook along with new security implementations. Those implementations included automatic emails when iCloud accounts are accessed via web browsers, automatic two-factor authentication for iCloud.com, and mandatory app-specific passwords for third-party apps accessing iCloud.

Popular Stories

Apple WWDC24 Apple Intelligence hero 240610

Apple Explains iPhone 15 Pro Requirement for Apple Intelligence

Wednesday June 19, 2024 4:48 am PDT by
With iOS 18, iPadOS 18, and macOS Sequoia, Apple is introducing a new personalized AI experience called Apple Intelligence that uses on-device, generative large-language models to enhance the user experience across iPhone, iPad, and Mac. These new AI features require Apple's latest iPhone 15 Pro and iPhone 15 Pro Max models to work, while only Macs and iPads with M1 or later chips will...
Apple Intelligence General Feature

Apple Intelligence Features Not Coming to European Union at Launch Due to DMA

Friday June 21, 2024 9:44 am PDT by
Apple today said that European customers will not get access to the Apple Intelligence, iPhone Mirroring, and SharePlay Screen Sharing features that are coming to the iPhone, iPad, and Mac this September due to regulatory issues related to the Digital Markets Act. In a statement to Financial Times, Apple said that there will be a delay as it works to figure out how to make the new...
iPhone 16 Pro Max Generic Feature 2

5 Biggest Changes Rumored for iPhone 16 Pro Max

Wednesday June 19, 2024 5:00 am PDT by
Given Apple's rumored plan to add an all-new high-end tier to its iPhone 17 series in 2025, this could be the year for Apple to bring its boldest "Pro Max" model to the table — the kind of iPhone 16 upgrade that stands tall above its siblings, both figuratively and literally. If you have been holding out for the iPhone 16 Pro Max, here are five of the biggest changes rumored to be coming...
Apple Vision Pro 2 Feature 2

Apple Reportedly Suspends Work on Vision Pro 2

Tuesday June 18, 2024 8:17 am PDT by
Apple has suspended work on the second-generation Vision Pro headset to singularly focus on a cheaper model, The Information reports. Apple was widely believed to have plans to divide its Vision product line into two models, with one "Pro" model and one lower-cost standard model. The company is said to have been deprioritizing the next Vision Pro headset over the past year, gradually...
back to school 2024

Apple's 2024 Back to School Sale Launches, Up to $150 Gift Card With Mac or iPad

Thursday June 20, 2024 4:29 am PDT by
Apple has launched its annual Back to School promotion for college students in the United States. This year's promotion offers a free Apple gift card with the purchase of an eligible Mac or iPad. Apple is also offering students 20% off AppleCare+ plans. Apple is offering a $150 gift card with any new MacBook Air, MacBook Pro, or iMac, and a $100 gift card with the purchase of any new M4 iPad ...
iOS 17

Apple Releases First Public Beta of iOS 17.6

Thursday June 20, 2024 10:18 am PDT by
Apple today seeded the first betas of upcoming iOS 17.6 and iPadOS 17.6 updates to public beta testers, with the betas coming a few days after the initial iOS and iPadOS 17.6 developer betas. Public beta testers can get the beta by opening up the Settings app, going to the Software Update section, tapping on the "Beta Updates" option, and toggling on the iOS 17 or iPadOS 17 Public Beta....

Top Rated Comments

Jimrod Avatar
127 months ago
It's all going rather brilliantly at the moment isn't it.
Score: 81 Votes (Like | Disagree)
Xultar Avatar
127 months ago
I'm waiting or the not Apple's fault crowd.

I love apple products, the culture, heck I love everything about apple EXCEPT the excuses made for them. Apple prides itself on excellence. Until they no longer make quality and excellence a selling point their customers need to demand it and call them out when they under perform.

Making excuses for mistakes & sloppy work will not help Apple.
Score: 32 Votes (Like | Disagree)
maflynn Avatar
127 months ago
Wow, more good news for apple. They're really hitting their stride with bad press lately.

Bending phone
iOS 8.01 bug that should not have been rolled out
iCloud security issues that should have been addressed sooner.
Score: 31 Votes (Like | Disagree)
sshambles Avatar
127 months ago
Geeze, when it rains (bad news) it pours.
Score: 26 Votes (Like | Disagree)
Keniutek Avatar
127 months ago
LOL, apple realy is on a roll lately. Leaked pics, great keyonte stream, bend gate, ios8 and 8.0.1.
Bravo, well deserver Thanksgiving break ;).
Score: 19 Votes (Like | Disagree)
jamesrick80 Avatar
127 months ago
Surely wouldn't trust them with Apple pay now, imagine your credit card information stolen. :rolleyes:
Score: 19 Votes (Like | Disagree)