Last night we reported that several Mac and iOS users were finding their devices remotely locked by hackers who had gained access to the users’ Find My iPhone accounts and demanded a ransom to return the devices to a working state.

Today Apple issued a statement on the problem, noting that—as suspected—the iCloud service itself was not actually breached, but individual user accounts may have been compromised through password reuse or social engineering:

Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.

The first reports of the attack came from Australian users on Apple’s support forum, but users from around the world quickly discovered that they, too, had been targeted by the hacker (or hackers) using the name “Oleg Pliss.”

So far there’s no indication of exactly how the perpetrators gained access to these specific accounts. The news of the attack came just a day after rumors that Apple is preparing to enter the home automation market during this year’s WWDC, which could prove to be a tempting target for similar denial-of-service attacks in the future, if true.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

2 Responses to “Apple denies iCloud breach was responsible for device lockout attack, advises users to change passwords”

  1. eswinson says:

    Several user / password databases of high profile services were hacked recently including ebay. It would not be very hard to try them as credentials for AppleIDs using the same password. I bet more than 80% of the time they are the same.