Apple Denies Security Breach With Hack of Nude Hollywood Photos

Apple released a statement Tuesday saying the recent nude photo hack kerfuffle had nothing to do with a system wide breach.

Which means if you aren't a celebrity, you likely don't have to worry about your iCloud account being hacked for personal photos.

Or do you?

In their statement, Apple denied any breach within its system, but did concede celebrity accounts were compromised by attackers using standard phishing techniques to guess user names, passwords and the answers to security questions.

Security researcher Ken Westin reminded celebs - like Jennifer Lawrence who had her intimate photos stolen in the hack - and average citizens alike that images and data no longer just reside on the device that captured it.  “Once images and other data are uploaded to the cloud, it becomes much more difficult to control who has access to it, even if we think it is private,” he said.

"After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet," the Cupertino-based company said in their official statement.

"None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone," the company said.

Apple clearly wants to drive home the point that stronger password practices could have prevented this incident and the hack didn’t happen as a result of any systematic flaw in Apple’s security systems or cloud services.

The "brute force" techniques used to access the accounts in questions were the same that make any online accounts vulnerable; those include researching biographical details of a target to guess passwords and answers to security questions, and possibly running through multiple options until you find the right one, according to Tech Crunch.

Which means anyone — celebrity or not — could be the target of a similar attack.

“It is important for celebrities and the general public to remember that images and data no longer just reside on the device that captured it,” security researcher Ken Westin wrote in a blog post Monday. “Once images and other data are uploaded to the cloud, it becomes much more difficult to control who has access to it, even if we think it is private.”

Apple recommends these password choices for the best protection (Image source: Screenshot).

Apple also said they are continuing to work with law enforcement to help identify the criminals involved in the hack, which resulted in a swath of racy, private celebrity photos released to the public.

The FBI confirmed Monday it is aware of the hacking allegations and is “addressing the matter,” but the agency declined to comment further.

The FBI investigated previous leaks of nude celebrity images, including involving Scarlett Johansson, Mila Kunis, Christina Aguilera and footage of television sports reporter Erin Andrews in a Tennessee hotel room; those cases resulted in convictions.

(H/T: Tech Crunch)

--

Follow Elizabeth Kreft (@elizabethakreft) on Twitter