Apple Inc. said its iCloud service wasn’t breached by hackers who posted nude pictures of celebrities, as the company works to deflect questions about the security of its systems.
Photos from the celebrities were stolen individually, the company said. The celebrity accounts were “compromised by a very targeted attack on user names, passwords and security questions, a practice that is all too common on the Internet,” the Cupertino, California-based company said in a statement Tuesday.
Apple is working to quiet a firestorm about the hacked celebrity accounts, with nude photos of actress Jennifer Lawrence and others surfacing over the last few days on the Internet, allegedly obtained by hackers who used the company’s iCloud service to illegally access files. The reports threatened to mar Apple’s event on Sept. 9, where the company is set to unveil new iPhones, a wearable device and a mobile-payments system, people with knowledge of the matter have said.
The incidents spurred the U.S. Federal Bureau of Investigation to release a statement yesterday saying the agency is aware of the allegations “concerning computer intrusions and the unlawful release of material involving high profile individuals.” The agency is “addressing the matter,” Laura Eimiller, an FBI spokeswoman in Los Angeles, said by e-mail.
The iCloud service is a key part of Apple’s strategy to unite its iPhones, tablets and desktop computers, letting users store contacts, e-mails, photos and other personal information on external systems they can access.
Apple said in its statement today that a flaw with iCloud, the service used for storing photos, contacts, e-mail and other information, wasn’t responsible, nor was its “Find my iPhone” feature.
“When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source,” Apple said. “Our customers’ privacy and security are of utmost importance to us.”
The company said it is working with law enforcement to identify the perpetrators of the hacks.
Apple is also encouraging people to use stronger passwords, including having at least eight characters with one number, one letter, one capital letter and not be used in the prior year. Apple also wants customers to use two-step verification, which means after a password is entered, an addition code will be sent to a person’s mobile phone.
Security and privacy is a key issue for Apple as it introduces new services that will require people to trust the company with sensitive information. New HealthKit software serves as a clearinghouse for health and fitness related information, while the next batch of iPhones will include technology so they can be used for making payments.
© Copyright 2021 Bloomberg News. All rights reserved.