This article was published on March 23, 2017

Apple denies iCloud security breach despite evidence from hackers [Updated]


Apple denies iCloud security breach despite evidence from hackers [Updated]

The iCloud saga continues as Apple has denied breach allegations made earlier this week by a hacking collective better known as Turkish Crime Family. The company further downplayed any threats that hundreds of millions iPhone devices could be at risk of being remotely wiped clean.

But information obtained by The Next Web suggests this might not be entirely true. Following an earlier report from Motherboard, Turkish Crime Family reached out to us with further proof of the legitimacy of the hacking.

The group has since provided TNW with a small sample of the data set in question, which we have been able to confirm is at least partially authentic – though not all leaked credentials seem to be functional.

Turkish Crime Family additionally noted that all previous communication with Apple and Motherboard has been led by a member that has since been removed from the crew for “inaccuracy” and “lack of professionalism.” The group now claims all conversations with Apple have been kept private, rejecting the authenticity of Motherboard’s report.

Speaking to Fortune, the Big A reassured its customers that its security team has found no signs suggesting its systems have been infiltrated, despite the attackers’ claims to be in possession of more than 600 million compromised Apple email and iCloud accounts.

While the tech giant is yet to officially confirm the authenticity of the data provided by the hacking group, an Apple spokesperson told Fortune that – if authentic – the alleged breaches must have taken place via third-party services:

There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.

The publication further links the leaked data set to an earlier hacking at LinkedIn, which put over 100 million accounts at risk. The stolen credentials, which included emails and passwords, were reportedly then sold on the Dark Web.

We have since cross-referenced some of the credentials in the sample set with security tool Have I Been Pwned. While most of them appear not to have been involved in the LinkedIn hack, we were able to confirm some of the emails and passwords provided by Turkish Crime Family are indeed authentic.

We couldn’t, however, verify whether the initial breach came from LinkedIn or Apple, and precisely when it took place.

It’s worth reiterating that TNW received a tiny fraction of the alleged data set, which makes it difficult to conclusively identify the original source of the attack.

But one thing is for sure: Regardless of who is telling the truth here – Apple or Turkish Crime Family – it seems now is a good time to reset your iCloud account and all passwords associated with it before it’s too late.

Update 8:00 AM ET: Turkish Crime Family has contacted us with a new statement which confirms Apple’s claims that its systems are indeed intact and have not been breached. Instead, the stolen credentials were obtained through a multitude of previously compromised databases the hackers have collected over the last five years.

Turkish Crime Family maintains that – despite Apple’s assurance of the safety of its customers – the group still has plans to wipe millions of iPhone devices clean if the Cupertino titan refuses to comply with its requests.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with