Wednesday, May 28, 2014

Apple's iCloud Service Hacked

Soon after iCloud users in Australia reported their devices were locked, with a message asking for money, more reports have come in from users in New Zealand, Canada, and the US. Apple finally acknowledged the situation and responded with the following statement:

"Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store."

The message Australian users were sent (no matter the iCloud device) appeared to have originated from Apple's find my device service. It stated "Device hacked by Oleg Pliss" along with instruction for the user to send $100 if they wanted to unlock the device.

The root cause of this attack has not been determined yet, but with the Apple support community thread that’s open, many users are joining together to help investigate. Hopefully, this will get Apple closer to finding common factors to crack down on the attacker(s).