Russia

Apple “Actively Investigating” iCloud Celebrity Hacking Violation: Reports

Apple said it was “actively investigating” the violation of several of its iCloud accounts, in which revealing photos and videos of prominent Hollywood actresses were taken and posted online.

“We take user privacy very seriously and are actively investigating this report,” Apple spokeswoman Natalie Kerris told Recode. A similar statement was given to Mashable and NBC News. An Apple spokesperson did not immediately respond for comment to NBC Bay Area on Monday, either by phone or email.

The FBI also told NBC News that the agency was "aware of the allegations concerning computer intrusions and the unlawful release of material involving high profile individuals, and is addressing the matter."

On Sunday night, images of many high profile stars, some real, some said to be fakes, are said to have been taken from the iCloud accounts of several celebrities, such as actress Jennifer Lawrence and about a dozen others.

Someone then posted them to the Web image-sharing community 4Chan and have since spread across the Web, showing up on social media sites like Twitter, Reddit and elsewhere. The Independent reported that anonymous users on 4Chan claimed to have taken them from iCloud, which automatically stores photos, emails and contacts, allowing users to sync this data between devices.

Nickelodeon star Victoria Justice, who was another victim of the online hacking, tweeted that her nude photo was not real.

"These so called nudes of me are FAKE people," she tweeted. "Let me nip this in the bud right now. *pun intended*"

Apple has not revealed how the accounts were hacked into.

Some experts, such as Mandiant, who spoke to Recode said according to what they've seen, it appears to have been was a fairly straightforward attack. The Independent noted that while Apple’s encryption on the data itself is considered robust, access could have been gained by guessing users' passwords or simply resetting their accounts by finding their email address and then answering traditional ‘security questions’.

And while there’s no direct evidence tying the program to the attack, Recode notes the timing of the hacking coincides with a talk given by security researchers on the subject of security on iCloud. A program called iBrute was created by security researchers in Russia as a proof of concept and demonstrated as part of a talk a security conference in St. Petersburg earlier this month.

In 2005, Paris Hilton was the target of a hacking attack in which pictures and text messages from her Sidekick smart phone were pilfered from a cloud storage account. A group of young men were prosecuted over that incident and another attack against the database giant LexisNexis, and most of them served time in federal prison or juvenile detention.
 

Contact Us