Apple has responded to this week’s hackings of celebrity iCloud accounts, which resulted in postings of private photographs. Here’s Apple’s statement in full:
CUPERTINO, Calif.–(BUSINESS WIRE)–We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.
To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at http://support.apple.com/kb/ht4232.
Apple says that it conducted an investigation for more than 40 hours, and denies that iCloud or Find my iPhone was actually breached. Apple is presenting this as a very targeted username, password, and security questions hack on “certain celebrity accounts.” Apple recommends that users utilize the 2-step verification service for Apple IDs/iCloud. The company also says it is continuing to work with law enforcement on finding the hackers involved.