Drudged up in the aftermath of this weekend’s celebrity photo hacks was that nagging dread that nothing on our devices is actually private. The target of that dread was Apple, particularly their iCloud service that stores the data on your phone even after you delete it. Shortly after the leaks became a worldwide news story, Apple vowed to take a looooong look in the iMirror to see if this was a breach of their security system, or if the victims simply didn’t protect themselves well enough. Apple has finally released the result of their findings, and as expected, it’s not their fault and you should really come up with a better password. Their full statement is as follows:
CUPERTINO, Calif.–(BUSINESS WIRE)–We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.
To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at http://support.apple.com/kb/ht4232.
Apple is right. Everyone should protect their private data with all the tools at their disposal. Despite all the awesomeness it has to offer, the Internet is not a nice place at all.