Last night, we reported about Mac and iOS users who awoke to discover that their devices have been remotely locked by hackers claiming to have gained access through the device owner’s Find My iPhone account. In exchange of reinstating the owner’s account, the hacker demanded a ransom for himself.
Apple has responded to the issue and has released a statement, insisting that their iCloud service was not breached by the hack. Instead, Apple has discovered that individual user accounts of affected devices were compromised via social engineering or password reuse. Responding to this attack, this is the statement released by Apple:
“Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.”
The initial reports on the attack came from an Apple support forum, wherein affected iOS users based in Australia shared the problem to other users. Soon enough, the rest of the world discovered they were also targeted by the hacker who hid under the name ‘Oleg Pliss.’
As of this writing, there is still no update on how the hacker was able to gain entry to these accounts. Noting that the attack came a day after rumors of Apple preparing a home automation market presentation for next week’s WWDC 2014, a similar attack may be even more serious. If ever, Apple seriously needs to work on this issue.
Source: 9to5mac
Leave a Reply