Apple Responds to Hack Threats, Says There Were No iCloud or Apple ID Breaches - MacRumors
Skip to Content

Apple Responds to Hack Threats, Says There Were No iCloud or Apple ID Breaches

In response to a ransom threat in which hackers are claiming to have access to more than 600 million iCloud accounts, Apple told Fortune there have been no breaches of its systems.

Instead, if the hackers do have access to iCloud accounts, Apple suggests previously compromised third-party services are at fault. From an Apple spokesperson:

There have not been any breaches in any of Apple's systems including iCloud and Apple ID," the spokesperson said. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.

Apple's response follows a report from Motherboard that suggests a group of hackers known as the "Turkish Crime Family" have claimed to have access to hundreds of millions of iCloud accounts.

Apple two factor authentication
The Turkish Crime Family has threatened to reset the iCloud accounts and remotely wipe victims' Apple devices if Apple does not pay $150,000 in Bitcoin or Ethereum by April 7. If Apple does not pay in three days, the group plans to increase the amount of money it is asking for.

Originally the group was believed to have access to 300 million icloud.com, me.com, and mac.com email addresses, but that number later jumped to 627 million due to additional hackers allegedly stepping forward to provide account credentials. The hackers say at least 220 million of the login credentials are verified to work and do not have two-factor authentication enabled.

With Apple denying a breach, the iCloud account information has likely been obtained from major hacking incidents that have affected companies like Yahoo. iCloud users who have the same username and password that was used for both a hacked site and for iCloud should change their passwords immediately.

The Apple spokesperson also told Fortune the company is "actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved," but did not outline what specific steps are being taken to monitor the situation beyond "standard procedure."

Apple recommends that all iCloud users choose strong passwords, use different passwords for different sites, and turn on two-factor authentication to protect their accounts.

Popular Stories

iphone 16 teal

'Siri AI' Lawsuit Update: Apple to Pay Owners of These iPhone Models

Thursday July 9, 2026 7:08 am PDT by
In May, Apple agreed to pay $250 million to settle a U.S. class action lawsuit over Siri AI's delayed launch, and eligible iPhone users could receive up to a $95 payout. This week, the California court overseeing the case held a hearing regarding preliminary approval of the settlement, but the judge has not yet issued a ruling. It will likely be at least a few more months before eligible...
Apple TV Thumb 3

Everything Coming in the 2026 Apple TV 4K

Wednesday July 8, 2026 4:51 pm PDT by
The Apple TV 4K hasn't been updated since 2022, and it's due for a refresh. An update is planned for 2026, but Apple is likely going to wait to launch it after Siri AI launches in iOS 27. Design Apple TV design updates don't happen often, and that's not changing. The next Apple TV is going to have the same squircle shape as the current model, and it'll continue to be made from a black...
apple wallet drivers license feature iPhone 15 pro

Apple Says iPhone Driver's Licenses Will Expand to These 6 U.S. States

Thursday July 9, 2026 7:29 am PDT by
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps. To set up the feature, open the Wallet app on the iPhone and tap on the plus sign in the top-right corner. Next, tap on Driver's License and ID Cards,...

Top Rated Comments

Kaibelf Avatar
122 months ago
Typical Apple. Blame others first then admit to fault later, if ever.
Provide evidence before accusing
Score: 50 Votes (Like | Disagree)
ulyssesric Avatar
122 months ago
Typical Apple. Blame others first then admit to fault later, if ever.
Typical hater. Blame Apple first for whatever they have or haven't done then disappear from the thread.
Score: 44 Votes (Like | Disagree)
Watabou Avatar
122 months ago
Typical Apple. Blame others first then admit to fault later, if ever.
How are they blaming others? They're just saying people use the same user name and passwords. There was no actual scraping of user names and passwords from iCloud database is what Apple is saying. How the heck is that Apple's fault if people use the same username/passwords?
Score: 42 Votes (Like | Disagree)
122 months ago
Typical Apple. Blame others first then admit to fault later, if ever.
But they said THEY have not been compromised.
Score: 27 Votes (Like | Disagree)
CarlJ Avatar
122 months ago
The people behind this kind of thing need to be set on fire, it's just evil behavior, whether or not they actually have the details they purport to have. I'm going to venture a guess that this, indeed, isn't a hack of Apple itself, and do simply have some password-reuse email/password combinations from other sites.

Time to turn on 2FA, if you haven't already, and never use the same password in more than one place - get a good password manager (I like 1Password) and use it to keep long random passwords that are separate for every site.
Score: 17 Votes (Like | Disagree)
pdaholic Avatar
122 months ago
Two-factor authentication FTW, beetches!
Score: 10 Votes (Like | Disagree)