It was over the weekend that hackers leaked intimate celebrity photos on various message boards via cloud storage. While it hasn’t been confirmed The recently compromised Apple-operated service has raised both concerns and further debate over privacy issues and personal responsibility. As for the service itself and how it came to be compromised, Apple is said to be looking into that, adding more to its plate for September.
“We take user privacy very seriously and are actively investigating this report,” said Apple spokeswoman Natalie Kerris in speaking with Recode earlier today. Posted to Twitter, Reddit, 4chan, and other message boards and social sites, the photos leaked included those of Kirsten Dunst, Kate Upton and Jennifer Lawrence, among other celebrities.
Rumor is that Apple’s “Find My iPhone” has proven to be another problem, this time allowing for the breach. The Next Web reported that hackers probably used a tool called iBrute allowing for repeated attempts at a password on the “Find My iPhone” service—which at the time allowed for unlimited attempts. Once successful, passwords and iCloud-stored data are ripe for the picking.
Several security experts told Recode that things could’ve possibly been avoided if victims made use of Apple’s two-factor authentication (or two-step verification outside of the iVerse). The security feature adds an extra layer to the traditional password authentication by requiring an additional numerical code to be entered. Apple’s lack of advertising the feature and—according to FireEye director of threat research Darien Kindlund—users having to sift through support files to find anything about it are also to blame.
Earlier this year, hackers held iPhones ransom by using the “Find My Phone” feature.