Apple Reportedly Aware of iCloud Flaw Six Months Before Hacking of Celebrity Accounts

icloud_icon_blue Apple knew about an iCloud security flaw six months before it was utilized to hack celebrity accounts on the service, reports The Daily Dot. The company was notified of the exploit by independent security researcher Ibrahim Balic, who shared emails between himself and members of Apple's product security team.

In an email from March 2014, Balic told Apple that he was able to bypass the security of any iCloud account by using a "brute-force" hacking method that was able to try over 20,000 password combinations. Balic recommended to Apple that it should implement a feature in iCloud that prevents log-ins after a set number of failed attempts, and even reported the exploit through Apple's Bug Reporter. Balic was also the developer said to be behind the extended outage of Apple's Dev Center last year.

In May 2014, Apple emailed Balic and questioned the validity of the exploit, stating that it "would take an extraordinarily long time" to find a valid authentication token to get into an iCloud account using the flaw. Balic states that Apple continued to ask him about the exploit and how it would be utilized.

On September 1, 2014, hackers breached the iCloud accounts of many well-known actresses, downloading and leaking private photos and videos. While it was not initially known what caused the breach, The Next Web linked to a Python script on Github that may have been used for the hacking. The script utilized a brute-force like method which allowed hackers to keep guessing passwords without being locked out.

Apple acknowledged later in the day that it was investigating the breach, ultimately leading to comments from CEO Tim Cook along with new security implementations. Those implementations included automatic emails when iCloud accounts are accessed via web browsers, automatic two-factor authentication for iCloud.com, and mandatory app-specific passwords for third-party apps accessing iCloud.

Top Rated Comments

Jimrod Avatar
84 months ago
It's all going rather brilliantly at the moment isn't it.
Score: 81 Votes (Like | Disagree)
Xultar Avatar
84 months ago
I'm waiting or the not Apple's fault crowd.

I love apple products, the culture, heck I love everything about apple EXCEPT the excuses made for them. Apple prides itself on excellence. Until they no longer make quality and excellence a selling point their customers need to demand it and call them out when they under perform.

Making excuses for mistakes & sloppy work will not help Apple.
Score: 32 Votes (Like | Disagree)
maflynn Avatar
84 months ago
Wow, more good news for apple. They're really hitting their stride with bad press lately.

Bending phone
iOS 8.01 bug that should not have been rolled out
iCloud security issues that should have been addressed sooner.
Score: 31 Votes (Like | Disagree)
sshambles Avatar
84 months ago
Geeze, when it rains (bad news) it pours.
Score: 26 Votes (Like | Disagree)
Keniutek Avatar
84 months ago
LOL, apple realy is on a roll lately. Leaked pics, great keyonte stream, bend gate, ios8 and 8.0.1.
Bravo, well deserver Thanksgiving break ;).
Score: 19 Votes (Like | Disagree)
jamesrick80 Avatar
84 months ago
Surely wouldn't trust them with Apple pay now, imagine your credit card information stolen. :rolleyes:
Score: 19 Votes (Like | Disagree)

Top Stories

apple transfer google photos 1

Apple Launches Service for Transferring iCloud Photos and Videos to Google Photos

Wednesday March 3, 2021 12:04 pm PST by
Apple this week introduced a new service that's designed to make it quick and easy for iCloud users to transfer their stored photos and videos to Google Photos. As outlined in an Apple support document, you can go to Apple's privacy website and sign in to see the "Transfer a copy of your data" option. If you select this and go through all the steps, Apple will transfer your iCloud photos and ...
rosetta 2

Rosetta May Be Removed From M1 Macs in Some Regions on macOS 11.3

Tuesday March 2, 2021 5:20 pm PST by
Installing the upcoming macOS 11.3 software update on an M1 Mac may result in Rosetta 2 being removed in one or more regions around the world. In the third beta of macOS 11.3 seeded to developers for testing today, MacRumors contributor Steve Moser uncovered new strings in the beta's code indicating that "Rosetta will be removed upon installing this update." Another new string reads "Rosetta ...
Screen Shot 2021 03 03 at 11

MagSafe Charging Port for iPhone Appears in Apple Patent

Wednesday March 3, 2021 1:30 am PST by
In a newly granted patent, Apple envisions a type of connectivity port using an iteration of its magnetic MagSafe charger to charge an iPhone, potentially paving the way for a future without Lightning. Submitted to the United States Patent and Trademark Office on Tuesday (via Patently Apple), the patent outlines a three-pinned MagSafe charger, similar to the ones found in older MacBook...
Oled iPads and MackBook Pro

OLED 10.9-Inch iPad Rumored for Early 2022, 12.9-Inch iPad Pro and 16-Inch MacBook Pro Could Follow

Thursday March 4, 2021 8:37 pm PST by
Earlier today, DigiTimes shared a preview of an upcoming report claiming that Apple is working on both iPad and Mac notebook models with OLED displays that could launch starting in 2022. The full report from DigiTimes is now available, and it includes several new alleged details about Apple's plans. According to the report, the first of these devices to adopt an OLED display is likely to be...
OLED iPad Pro and MacBook Pro

iPad and MacBook Models With OLED Displays Rumored to Launch in 2022

Thursday March 4, 2021 8:19 am PST by
Apple plans to release new iPad and MacBook models with OLED displays in 2022, according to industry sources cited by Taiwanese supply chain publication DigiTimes. The information was shared in the site's paywalled "Before Going to Press" section, so there are no further details yet, but the full report should be released by tomorrow. Apple has gradually increased its adoption of OLED...
iPad mini pro feature

Sketchy Rumor Claims 'iPad Mini Pro' Launching in Second Half of 2021

Wednesday March 3, 2021 3:04 am PST by
Apple is expected to launch a sixth-generation iPad mini in the first half of 2021, possibly as soon as this March, based on long-standing rumors. However, a new rumor out of Asia that has gained traction in the last 24 hours suggests an "iPad mini Pro" will arrive in the second half of this year. According to a post on Korean blog Naver, whose rumor track record is unknown, the device...
maxresdefault

What's on Your iPhone Home Screen?

Thursday March 4, 2021 10:31 am PST by
Over on our YouTube channel, MacRumors videographer Dan has a new video up where he shares his Home Screen, wallpaper, and all of his current favorite widgets. Subscribe to the MacRumors YouTube channel for more videos. Check out Dan's video to see his setup, and then comment below and show us your own Home Screens. It's always fun to see other peoples' Home Screens, and with widgets and...
apple pencil 3 leak

New Apple Pencil Allegedly Leaks With Glossy Finish and Redesigned Tip

Wednesday March 3, 2021 6:17 am PST by
Images supposedly depicting a third-generation Apple Pencil have been shared on Twitter by the leaker known as "Mr. White." The purported new Apple Pencil appears to share a very similar design to the current, second-generation Apple Pencil, which is shorter than the previous version and charges inductively on the side of an iPad. The updated Apple Pencil appears to have a glossy...
apple watch ecg wrist

Apple Watch ECG Feature Gets Approved in Australia

Wednesday March 3, 2021 2:07 am PST by
The Australian government has approved ECG functionality on the Apple Watch, giving Apple the all-clear to launch the feature for Apple Watch users in the country, according to a regulatory document first spotted by The 8-Bit. Earlier last month, the Apple Watch's irregular heart rhythm notification received approval in Australia, although ECG did not. Irregular heart rhythm is a feature...
PIA23764 RoverNamePlateonMars web

NASA Mars Perseverance Rover Uses Same PowerPC Chipset Found in 1998 G3 iMac

Tuesday March 2, 2021 3:21 am PST by
NASA's Perseverance rover, which recently made history landing on the surface of Mars, is powered by the same processor used in an iMac more than 23 years old. Image Credit: NASA As reported by NewScientist (via Gizmodo), the rover includes the PowerPC 750 processor, the same chip used in the G3 iMac in 1998. The main chipset is the same; however, there are differences between the...