Apple denies hackers holding millions of iPhones, iCloud accounts ransom

Apple reassures customers that none of its systems have been breached, dismissing hackers' claims that millions of iPhones and iCloud accounts are at risk of being wiped

Apple says none of its systems have been breached and denies that hackers are holding millions of iPhones and iCloud accounts to ransom.

“There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,” the company said in a statement.

The statement comes after Motherboard reported on 21 March 2017 that a group of hackers calling themselves the Turkish Crime Family was threatening to wipe millions of iPhones and iCloud accounts unless Apple paid a ransom of $75,000 or hand over $100,000 worth of iTunes gift cards by 7 April 2017.

The hackers claimed to have access to up to 559 million  Apple email and iCloud accounts, but did not provide any of the supposedly stolen credential to verify this claim apart from a YouTube video they said showed a member of the group using stolen credentials to access an iCloud account and view photos.

The hackers reportedly shared screenshots of emails allegedly exchanged with Apple, including one where a member of Apple’s security team asked the group to share a sample of the stolen data.

According to Apple, the list of email addresses and passwords hackers claim to have appears to be from “previously compromised third-party services”.

A person familiar with the contents of the alleged data set said many of the email accounts and passwords contained in it matched data leaked in a past breach at LinkedIn, reports Fortune.

More than 160 million LinkedIn accounts were exposed in 2012, but the full extent of the breach only came to light in 2016.

Apple said it will continue to “actively monitor” the situation and work with law enforcement to ensure that user data remains safe.

“To protect against these type of attacks, we recommend that users always use strong passwords, not use those same passwords across sites, and turn on two-factor authentication,” Apple said.

Independent security advisor Graham Cluley said the claims underline the potential for hackers to steal data and use the media to increase pressure on organisations to pay up to avoid exposure.

Read more about two-factor authentication

“I believe that companies should do everything in their power to protect their customers and prevent criminals from profiting from extortion,” he wrote in a blog post.

“I do hope that the media stories will help remind Apple users of the importance of using a strong, unique password to secure their account and enable two-factor authentication to make their accounts harder to break into,” he said.

Paul Calatayud, CTO at security firm FireMon, said anyone who does not use two-factor strong authentication to any account runs the risk of the password being harvested, or guessed.

“For example, if my e-mail account happens to be Yahoo, and if that account is affected by the breach that recently came to light, then there is a chance that the attackers are already able to compromise other accounts I hold, such as my Apple ID,” he said.

Read more on Privacy and data protection