Skip to main content

One third of Americans have improved their online security since the iCloud hacks

image002

A YouGov survey of more than 1,000 American consumers commissioned by security company Tresorit found that just over a third of them have taken steps to beef-up their online security in response to the iCloud hacks.

The most common response was to change passwords for stronger ones, with 13 percent creating different passwords for each online service and 6 percent enabling two-step verification … 

The celebrity nudes obtained from iCloud appear to have been accessed as a result of conventional attacks rather than anything iCloud-specific, an Apple statement confirming our own theory that a combination of phishing and security questions were used.

Metadata analysis suggests that the hackers were able to obtain complete backups of the iPhones targeted. A criminal investigation into the leaked photos is being led by the FBI.

Apple has promised a number of security improvements in response to the hacks, including push notifications when someone tries to change a password, restore from iCloud to a new device or logs in to iCloud from an unknown device. It will also be “aggressively encouraging” use of two-factor authentication, which will be extended to cover accessing iCloud from a mobile device.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Bruno Fernandes (@Linkb8) - 10 years ago

    How about an option for “I’ve done nothing because everything on the list was already being done” so we could gain some insight into that 65% no response.

    • Ben Lovejoy - 10 years ago

      That would be useful, but I suspect that would be a pretty small proportion of that 65% – and a strong overlap with 9to5Mac readers …

      • Bruno Fernandes (@Linkb8) - 10 years ago

        Also, 30% of 1000 people is hardly an indicator of the entire nation. Especially given the context. I don’t expect any material difference in the effectiveness of similar password attacks in the near future without additional measures implemented directly by the service providers.

      • Do you happen to have a source for this study where I can look at the original results?

      • Ben Lovejoy - 10 years ago

        It’s not online as far as I know – what we reported is what we have

    • Joshua Alan - 10 years ago

      Here would be some good improvements to the security. 1. Encrypt the data on icloud 2. Only allow the data to be downloaded to an authorized device and to become an authorized device you need to sign in with your email and password or if you want to take it a step further send a code to other authorized devices that needs to be typed in to download the data. 4. require all password to be reset as well as security questions and make those questions a little more difficult so someone can’t just guess it. 5. Send an alert to other authorized devices if a failed attempt has been made to sign into the icloud account, not just if someone was successful. Some people may find some of these a pain but if this incident has taught us anything it should be that sometimes drastic measures are needed for your data to be secure.

  2. PMZanetti - 10 years ago

    I don’t think it’s appropriate to call it “iCloud hacks” at all.

    • Bruno Fernandes (@Linkb8) - 10 years ago

      I’d be surprised if even half the content leaked came via iCloud.

    • dcj001 - 10 years ago

      I agree. It would be good to stop repeating what other people are saying what they don’t know what they’re talking about.

    • Ben Lovejoy - 10 years ago

      Apple has confirmed iCloud was at least a significant source, and I think Cook would have been keen to point out if it was the source for only a minority of the photos: http://9to5mac.com/2014/09/04/tim-cook-addresses-icloud-photos-hacking-says-major-security-improvements-coming-soon/

      • Bruno Fernandes (@Linkb8) - 10 years ago

        They’re taking the high road. If in doubt, grab a large set of the leaked content yourself and start looking. I did.

      • Ben Lovejoy - 10 years ago

        Post an analysis? Would be interesting to see.

      • dcj001 - 10 years ago

        But there is no evidence to show that iCloud was/has been hacked. Some people use are victims to phishing schemes and insecure passwords:

      • It’s the term “Hacked” that I take issue with. iCloud was not hacked. ‘…online security since the iCloud Social Engineering leaks took place.” would be a less click-bait-y headline that more accurately depicts what happened.

        Using the term “Hack” in the public space makes people think they fell victim to an attack they couldn’t prevent, because “OMG l337 h4x0rs.” Call it what it is and raise awareness so that people go “Oh! Social engineering? What’s that?” and become more informed.

        I get that this is a ‘business,’ but you’re journalists. You should be held to a higher standard.

      • Ben Lovejoy - 10 years ago

        Hack (n): gain unauthorized access to data in a system or computer.

      • Mok - 10 years ago

        Ben, technically, it was “authorized” access because iCloud did not supply or leak the passwords- they were inputted correctly. Unless iCloud can read minds, it has no way of knowing that the real user wasn’t the one inputting the correct password. It wasn’t a “hack”.

      • Ben Lovejoy - 10 years ago

        That’s an interesting interpretation of authorized, but not one I’d share.

    • Ben Lovejoy - 10 years ago

      Whether the method used was phishing or exploiting weak security questions, these were hacks

  3. greenbelt2csp - 10 years ago

    I modified my social media privacy settings about two years ago. It’s called deleting my accounts and EMAILING, CALLING, and VISITING the people I love. I somehow feel more social…

  4. Computer_Whiz123 - 10 years ago

    Good for them… My password is like 16+ characters. I’m good…

  5. dfresh1988 - 10 years ago

    In other news, 35% of the population has nude selfies on their phones.

  6. Mok - 10 years ago

    What a misleading headline and conclusion. The people who would take the effort and energy to respond to such a survey are much more likely to be the type of people who would be more aware of security, and would take action to improve this. Its not an objective sample size in the least. 35% seems insanely high.

  7. I did nothing. My nuddie pics are the stuff of bad dreams, so nobody wants them.

  8. Truffol (@Truffol) - 10 years ago

    how about “I’m not a celebrity so I got nothing to worry about” lol

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear