Apple to add alerts to iCloud

Apple to add alerts to iCloud

Summary: Apple is ramping up iCloud defences in the aftermath of hackers swiping nude photos of celebrities from the online digital vault.

TOPICS: Security, Apple, Privacy

The Wall Street Journal has quoted Apple chief executive Tim Cook saying iCloud accounts of film stars including Jennifer Lawrence were looted by hackers who used tactics such as correctly answering security questions to obtain passwords, or tricking victims into revealing user IDs and passwords with ruses referred to as "phishing" scams.

In coming weeks, Apple will start sending people alerts when attempts are made to change passwords, restore iCloud data to new devices, or when someone logs in for the first time from a new Apple gadget, the Journal reported.

Tools will be in place for legitimate users of accounts to seize back control.

Cook was quoted as saying that Apple also wants to make people more savvy when it comes to guarding against hackers with strong passwords and other techniques.

"When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," Cook was quoted as saying.

"I think we have a responsibility to ratchet that up. That's not really an engineering thing."

Apple will expand the use of two-factor authentication, which requires someone trying to access an account to augment a password with a temporary code sent by text message to the account holder's mobile phone.

Apple said on Tuesday a "targeted attack" led to the release of nude photos of celebrities but insisted there was no breach of its cloud storage system.

The admission came as experts and lawyers said the hack was a wake-up call about the dangers posed by technology to people's privacy, whether they are stars or not.

Topics: Security, Apple, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • I wasn't aware this was not the case already...

    The seem to send you lots of notifications when you make changes and add devices to icloud - looks like they must have missed one.

    I really hope that this serves as a wake up call to people! This happened because of bad user behaviours and people need to be more savvy with their security.

    -Never re-use passwords
    -Treat you email account like your bank account - if that one's hacked, most other sites can be reset through it.
    - do not use real answers to silly security questions!

    This is my biggest pet peeve with the current online security. Guess what? I have a good chance of being able to google your date of birth, mothers maiden name, place of birth, primary school. If I know you through twitter I may also know you favourite colour, first car, street you lived on. It's ridiculous.

    Whenever I've had an employee get locked out of their email, we've been able to get straight back in through security questions. Half the time even they are shocked how easy and publicly available that info is.

    Of course you can't do anything about stupid support centres. The only think I've ever had hacked was twitter, and all they did was contact twitter support and tell them things that sounded like me based on my posts. They didn't know my security questions and they didn't have access to my email. A guy at the other end just said 'yup that's probably you' and gave them a temporary password, didn't even send me an email to let me know.
    • Oh I just remembered

      Talking to microsoft support once when my mother in law forgot her password, and they asked if she could remember 3 sites she was subscribed to receive emails from. Not three people she had sent emails TO, just sites anyone could have sent emails FROM. As soon as we'd reset the password I asked to speak to the manager.
  • A senior manager asked me yesterday ...

    ... if Gdrive was safer than iCloud.

    I replied "I don't know, do you have 2FA on your iCloud? Because I do on my Gdrive ..."

    Nuff said. Apple can't claim this is nothing to do with them. They have to give the tools (which include education and notifications as well as 2FA) to enable people to make their account more secure.
  • Rolling Stones sung about this in '65

    "Hey, You! Get off of my cloud!
    Don't hang around 'cause
    Two is a crowd
    For my cloud baby..."
  • This is why Apple still can't be trusted to take security seriously.

    They just had a massive public breach and they are blaming the victims.

    Then talking about how users should enable 2 factor authentication to imply the user is somehow at fault for not enabling this wonderful security tool. The only problem is that Apple didn't enable 2 factor authentication where the hackers downloaded the backup files to access everything from the users iDevice.

    Tim Cook is peddling snake oil with smoke and mirrors.

    Apple chose to protect its image instead of doing what was right and be up front about security flaws. Pointing the finger at users it just effing shameful on his part.