Apple on the hack: ‘our systems weren’t breached, this was a targeted attack’

Exclusive... Teen Starlet Ariana Grande A Smash At Vancouver Meet and Greet For Latest Film
In the wake of the stolen celebrity photos, many people were quick to point out the flaws in Apple’s confusing iCloud system. Although it’s unknown exactly how the photos were obtained, it’s widely assumed that the photos were lifted from the cloud, since at least one of the celebrity victims said that the photos had been deleted from her device years ago.

There were many theories about how this wide scale theft of digital property was accomplished. The Find My iPhone App previously allowed an infinite number of password entries for users without locking them out of their accounts. This was deemed the “iBrute” bug as there was a scripting method of exploiting this by obtaining “brute force” entry into accounts. (More on that at End Gadget) Apple seemed to tacitly acknowledge that this was an oversight as this bug was patched on Monday. Users of the Find My iPhone app are now allowed only five attempts to remember their password before the account is locked.

Now Apple has issued a statement regarding the hacking, and it’s disappointing. They seem to say there’s nothing they could have done and that this is in no way due to a bug or flaw in their system.

We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.

To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at http://support.apple.com/kb/ht4232.

[via Business Insider]

I understand that Apple has legal reasons why they can’t admit responsibility in any way, and that they need to reassure their millions of users that our data is secure in the cloud and we have nothing to worry about. This statement is disappointing to me, as it seems to place the blame on the victims. It seems to suggest that it’s the celebrities’ fault for not using their double security system, instead of admitting that their system was at the least unclear to users. It really does sound like it’s something that could have been prevented on their end, given the fact that Find My iPhone was vulnerable to scripting programs. Of course the hackers are ultimately responsible and I hope they are prosecuted in a reasonable way that’s in no way a knee jerk response. (Yes this was a crime and a gross violation of privacy, but I’m conflicted because some hackers are prosecuted to an extent that in no way fits the crime.)

I would like to add a personal anecdote about how frustrating apple products can be. Earlier this year, I got an iPhone and quickly filled it up with photos and videos. Around that time I also made the switch to using a macbook as my primary computer. I used to work as a web designer, I’m very tech savvy and I know basic coding. The process of getting the photos and videos from my phone onto my computer is still unknown to me. I connected my phone, the photos went into a “library” on iPhoto, and then the library would no longer open. I downloaded another app to open the corrupted library, so now I can see the photos from that one app, but it’s unclear where the photos actually are or how to export them to another device. I have googled this several times and have given up for now. I have similar issues with iTunes. It’s hard to know what’s on my phone and what’s on my computer and where it’s stored.

Apple may be technically “easier” to use but it’s not transparent to users at all. I feel for these female celebrities who assumed their personal photos were deleted and/or secure. Apple gives the impression that their products are not as vulnerable to hackers or viruses as PCs. As we’ve learned, that’s not always the case.

Stars On The Set Of 'The Other Woman'

Kirsten Dunst Out Walking Around In New York

photo credit: WENN.com and FameFlynet. I believe Kirsten Dunst is carrying a blackberry in this photo from 2011. Photo of Kate Upton, Leslie Mann and Cameron Diaz is from the set of The Other Woman.

You can follow any responses to this entry through the RSS 2.0 feed.

98 Responses to “Apple on the hack: ‘our systems weren’t breached, this was a targeted attack’”

Comments are Closed

We close comments on older posts to fight comment spam.

  1. QQ says:

    “It’s hard to know what’s on my phone and what’s on my computer and where it’s stored”

    EXAACCTLY THIS!!

    ive Become so angry/frustrated with Itunes that Basically i dont use it at all dont Upload music dont do updates to it NOTHING likewise the cloud sits Unused, I have a OneDrive where things get stored but out of curiousity I went to iCloud yesterday and although my phone says it’s backing pics and such to there There is NOWHERE IN THE CLOUD where you can see the actual pic content … I asked my better versed on apple friend and he told me “Oh out of security and all Apple doesnt have them Visible In the Cloud” which ROTFL are you serious?!? soo how do you even delete content that you arent interested in anymore?!?

    • Lady Macbeth says:

      Exactly. Ditto to everything.

    • Erinn says:

      I work in IT, and I could have thrown my husbands IPhone across the room. Trying to move stuff around on it is a pain in the ass.

      I’m in the market for a new phone, and I’m sticking with my androids. I love my HTC Raider, but she’s getting old. I might move over to a Nexus 5, because I love my Nexus tablet. NEVER will I buy an iPhone.

      • Erinn says:

        My issue is that they’re really pretty phones. But I can’t validate the headache. And I also like to torrent and stuff on mine, which is easier on an android/windows phone.

        I think the nexus is in my near future, and I’m a little bit excited.

      • Janet says:

        Get a Samsung. I’ve had a Galaxy S4 for a year and a half and I love it. Never had the slightest problem with it.

      • Erinn says:

        Janet – the Samsungs are on my list to check out. I’ve heard a lot of good about them. I really like my HTC as well, and wouldn’t be opposed to going that route again.

      • magz says:

        Have an HTC One (M7), Why not stick to HTC? Its great-never gives me issues and I heard the new M8 is even better.

      • Sozual says:

        Yeah, I thought everyone ran over to Samsung! The iPhone is so 2008. People have gone on about how their system makes it where you have to buy all Apple everything. Samsung has moved up to the next decade already.

      • Audrey says:

        I have a galaxy s3 and i still love it. For the first time ever, I feel absolutely no desire to upgrade my phone

        I bought a macbook when I was dumb back in 2011. I hate it so much. Their customer service and warranty are a joke too. My husband lost the charger while traveling almost a year ago, I haven’t even bothered to get a new one. It just sits in the case.

        I’m only going to buy a cord so I can reset and sell it

      • Jen says:

        I’m replying to you from my Nexus 5. If you’re in IT and tech savvy I’d say go for the Nexus over the S4 (no bloatware and easier to root if you want to)

      • Firefly says:

        LOVE my HTC One M8. If you already like the HTC you have, I say go with the M8. Sense is by far my favorite UI out there. My first smartphone was the Incredible, and after having a GNex and an S3 (whose UIs I didn’t have a problem with) since then, having Sense again is amazing. It’s only gotten better over the years. I worry about HTC though, and their abysmal advertising/marketing. I can’t have them folding and taking their phones away from me!

    • Bshg says:

      I have the exact same problem. Apparently at some point I saved some pictures on the Cloud (can’t remember when or how), so I accessed it yesterday to delete all of them (erase-FRENZY!) and they’re not accessible. Also, I unfortunately decided to upload some pictures from my boyfriend’s Mac on my iPhone and now they’re saved in a folder named “IMPORT” which I can’t delete in any way. I can neither dispose of the whole folder nor delete each picture individually. It’s getting me crazy!

      I as well haven’t changed my playlist for ages cause I can’t figure out the correct way to upload ALL the songs I want to have. Can somebody help??

    • Rae says:

      I did the EXACT same thing yesterday QQ! I constantly get these messages on my phone about backing up my photos and content to the cloud, and after all this stuff, I was curious about how the cloud works because, quite honestly, I’ve never intentionally uploaded anything to it. So I logged on… no pictures. Anywhere. So where the hell are they??? Seriously. Can someone tell me?

    • diva says:

      I’ve never used Apple products and I’m glad I haven’t. I know too many people who have issues with it. Androids and PCs are fine for me.

    • Mel M says:

      Yes! I’ve had to call apple at my own expense because of issues getting stuff off of my iPhone and onto my computer or visa versa and even they sometimes had no idea what was wrong! It’s infuriating that you can’t get an answer from either the internet, thier website or thier help desk. I’m just so attached to it and then few people that I know who have gotten a different phone after having an iPhone have regretted it :/

  2. Lady Macbeth says:

    Any Apple device is beyond frustrating. They are cool, yes. But with all the download/upload thing every action becomes a mess (not to speak about the barriers between Apples and Microsoft that they were put there on purpose!)

    As QQ said, you never damn know where all your stuff is, it is so damn frustrating! I don’t blame the actresses for putting their pics on their devices, but I do blame the general ignorance about these devices about being safe. No way.

    For instance, yesterday I cancelled my Icloud account. Apple, one less person to get worried about.

    • GoodNamesAllTaken says:

      I so agree. We have all Apple computer, ipad, phones, etc.. When I used Microsoft, I taught myself so much by using the help feature. I could fix almost any problem and learned how to do pretty sophisticated stuff. The Apple help feature is useless. You have to rely on other Apple users who are nice enough to post answers to questions, but it takes a lot longer, and though I might be able to resolve the problem, I’m still not sure how it works. Hate the guts of Apple, but can’t switch it all back now.,

      • Lady Macbeth says:

        I totally agree with everything you said, Goodnames.

        Believe me, sending big hugs your way…. I don’t know how you can deal with that. My husband made the huge mistake of buying me an Ipad as a Xmas pressie two years ago. Countless issues for ANY reason…. It is the only Apple device we have and the last one we will ever buy. Not to mention that bluetooth and wifi on our Ipad don’t recognise any of the other devices we have.

      • GoodNamesAllTaken says:

        Thank you! I need the hugs. I want to slap Apple. Lol

      • Lady Macbeth says:

        I want to slap it too lol

    • QQ says:

      Oh and how about the whole 2 step verification stuff Is like How Many accounts to verify each other do we need to create?!? it must be a BITCH to have like a few devices! i have one and im GOOD.ON.THAT!!

  3. Renee says:

    I am a bit of a luddite and am not tech savvy in the least so it makes me feel a bit better to hear other people state that they have issues with ITunes…I thought that it was just my lack of expertise/denseness that was making it hard for me to grasp what is now going on.

  4. bella says:

    oh, and am i the only one who finds this little ariana girl irritating?
    she gives diva an entirely new meaning.
    watch out for this one 😉

    • Liv says:

      Me too. And she and Victoria Justice still claim that their pictures are fake. Come on, there are hundreds of women whose pictures were stolen, but you two got in there with fake pictures?

      • Phie says:

        Victoria Justice actually released a statement basically saying some of the pictures were fake (which at least 2 of them have been proven to be photoshopped) and some of the pictures were real.

      • Liv says:

        I just read that too. I still think they tried to bury the “scandal” by saying the pictures are fake.

    • Adrien says:

      Kinda like her voice but she’s too twee. She’s 21 but she looks 12.
      Liv, I believe her photos are really fake.

  5. Mia4S says:

    I remain astounded that there are “men” out there whose lives are so pathetic that they are going to serve a ten year prison term (see the guy who hacked ScarJo’s phone) in order to look at boobies. I mean, how completely worthless are these guys? Oh did you hack and expose environmental crimes by big oil?…Nope, boobies! Pathetic. Their supporters and those viewing the photos aren’t much better. They would be the first to whine about the NSA but invading privacy is fine for boobies. They’re just misogynists I guess, women don’t count.

    • Nikita says:

      Omg, your post made me laugh so hard. I always joke about what I could be doing to save the world with all the time I waste online, and it’s the same thing with these pathetic booby- driven hackers.

      Dude, you were smart enough to breach the cloud, and you did what?!??!

    • PennyLane says:

      Actually Mia, these guys (and I’m assuming they’re all male) are looking at 20 years, not 10.

      The reason? Apparently the photos of the Olympic gymnast that were hacked and traded were taken when she was under 18….the feds are going to go to town on these guys and make a total example of them.

      Hope it was worth it!

      • Josefa says:

        It’s absolutely stupid. You couldn’t google a Playboy editorial or something?

        I guess they are just sick people. There must be something about violating a famous person’s privacy that turns them on. I normally feel bad for sick people, but not now.

      • CrysMeth says:

        In a non-celeb world, being underage, she would be charged with creating and distributing child porn…

      • sigh((s)) says:

        All you have to do is a “nude” google image search. Pretty pathetic.

    • Adrien says:

      What’s even more astounding is that one of the alleged hacker is not what you imagine him to be. No, he does not look like Rainn Wilson, Vince Vaughn or Randy Marsh of SouthPark. He does not look like an overweight geek hiding in his mom’s basement. He looks like one of your decent neighbors.

  6. Naneali says:

    Apple has no problem with the cloud, because Apple has a problem with security.

    There’s something on Gawker where Eva Longoria says she’s been contacted by stalkery store clerks who have all kinds of info on her, and in the comment section people say how apparently everyone working at Apple, down to temps, can access all data.

    I really hope people keep investigating, that the blow-out will be huge and that this will stay with Apple for them time to come. They’ve been on a high horse with other security breaches before.

    • mimif says:

      Please tell me how you were able to create a hyperlink, Naneali.

      • Naneali says:

        Hours later… because of work…
        This is how you do it: the description/name of whatever you want to link to, site or pic or map, goes here – minus the the spaces between the and the “” , of course

      • Lucrezia says:

        lol, Naneali. I guess it DOES till work with “the the spaces” 🙂

        @mimif: Let me see if I can break a link enough to make it not work, but still be understandable …

        (a href=”http://www.google.com/”) description (/a)

        description

        but replace the curvy brackets with angled brackets

      • Naneali says:

        Lucrezia, when I checked my post, it did have spaces, so I really have no idea what happened. I never thought of using round brackets though…

      • Lucrezia says:

        Heh, they weren’t my first thought.

        I tried shoving full stops between the brackets and that failed (as in it still worked instead of properly “not working”), and then tried replacing brackets with stars but missed a bracket so that failed too (bunch of text disappeared, I assume that’s what happened to yours.) Then there was an aborted experiment with exclamation marks, where I realised I was just re-doing what already hadn’t worked with full stops. Round brackets were a sudden last-gasp inspiration before I ran out of edit time.

        Breaking things correctly is MUCH harder than it appears.

  7. Tippy says:

    BEWARE THE CLOUD !!!

  8. Buttock Fatock says:

    Celebitchy, I feel you on the corrupted library issue. I had a similar problem when I upgraded MacBooks and tried to simply import libraries to transfer the photos. I think I used a program called “iPhoto Library Manager” to merge libraries, import, and export photos. It’s pretty straightforward & easy to use. (I don’t shill for them, just a former victim of tech rage.)

    • Celebitchy says:

      I did download that iPhoto Library Manager a couple of days ago but I’m still kind of fuzzy and how to export the individual photos. I will follow the advice downthread. Thank you!

      • Buttock Fatock says:

        If you have the most updated version, all you do is select the library you want to extract photos from, go to “File” and “extract photos”. Should extract to a folder in “Pictures”. As for individual photos–sorry, I don’t think it’ll do that. But at least it’s easier after extraction to preview the images as they are in the same place (not five folders down, as you mention below). Hope this helps.

      • Celebitchy says:

        Thank you! This gives me a lot of hope that they won’t be in individual folders. I will work on this when I’m done working and maybe I can finally clear my iPhone out.

  9. KT says:

    @Celebitchy, your photos should all be there. The library is basically a folder turned into a fancy link. Go to your Pictures folder, right click iPhoto library, click Show Package Contents. That will open up the actual library folder. The pictures will be in the Masters folder. Or originals, or revised, depending on how much you’ve worked with the pictures. This should work even if the actual library is corrupted but I can’t say for sure as I’ve never experienced it.

    Also, the prevailing theory that I heard is this was a leak from some sort of underground collection of celebrity nudes that was being added to for years. That’s why years old pictures are popping up.

    • Celebitchy says:

      Thank you! This is farther than I was able to get before. Well the “masters” folders are drill down year-month-day but there are no individual photos in the last level. There are photos in the “previews” folders but they’re five folders down by year-month-day-datewithadditionalnumber-random string. So each individual image is there in the previews but it’s seriously five folders down in its own folder. Exporting will be a pain, but at least I know where the files are. I don’t get why I can’t just see all the images in one folder.

  10. Birdix says:

    My sense was in the past apple prod were more secure because everyone was designing malware for pcs as that’s what most people had. I’ve only used apple products since my first boxy mac SE in 1989 and honestly PCs confuse me. All this said, I had a few shares of Apple stock and I sold them yesterday. That’s a terrible response from Apple to what happened.

    • Birdix says:

      and yes, the jokes on me, because the stock is up. but I also sold an east village apartment 10 years ago (see Chloe) for a relative song, so my financial savvy is not to be put on Miley’s pedestal.

  11. Jen34 says:

    Apple needs to accept more responsibility. I am not tech savvy at all and somehow all of my itunes songs have reproduced and I have 2 and 3 copies of the same song. All I know is that I did not repurchase them.

    That said, I am 100% certain that nothing I do online is private. I realize I am taking a risk when I shop on line or add people to my list of contacts. I half suspect that one day the FBI will seize my computer because of some link I have curiously clicked on or some message board I have visited. I know that everything I do online leaves a footprint.

    • Bonfire Beach says:

      I agree with EVERYONE , but YESSSSS to this! Why do I have 3 copies of each damn song on my iphone??????

      • iseepinkelefants says:

        That happened to me once when I had a problem with airplay and AppleTv. The techs had to go in and fix it for me. I will say one thing, Apple makes it really difficult to fix problems with it’s systems. I grew up with Mac and then moved to PC in 1995, and then recently moved to iOS a few years ago and it sucks trying to troubleshoot their problems. I don’t know if Microsoft is just more user friendly or what but it reminds me of that episode of Sex and the City where Aiden presses ctrl+alt+del and the Apple tech gets mad. But I mean everything with them is so annoyingly tailored to them that it makes it difficult to know how to work them if you haven’t had experience with them. You have to practically be an igeek to work their products.

    • ClaireB says:

      There are programs available through mozilla for example that stop trackers, for example, it stops facebook to know every single link you clicked, even when you’re not connected to the site. “Do not track me” is one of them. I don’t say it’ll fool the FBI, but it’s a good basic.

  12. Bridget says:

    I’m probably reading too much into this, but considering that the victims of this hack were pretty much all women and Apple is run primarily by men, the undertones of the Apple statement kind of gross me out.

  13. Justin says:

    Any company would say that.

    No data is safe.

    Whatever you do and then uploaded online is forever.

    Hopefully young girls will learn from this.

  14. Alarive says:

    My boyfriend started out as a hacker and now works for the government IT forensics department. In his spare time he purchases used SD cards that regular people sell on Craigslist and other similar websites for $2 or $3. He challenges himself to see if he can penetrate the SD cards deep enough to find the files that people delete and believe are deleted forever and lo and behold, he has found many, many pictures and files.

    Nothing is safe once it is made digital. It’s hard to understand at first but once you see it for yourself, you become really selective as to what you want photographed and what needs to stay as a fleeting moment in time.

    • littlemissnaughty says:

      Your boyfriends has a weird, weird hobby. But yes, that is why I have not sold a computer in my life. There are currently 6 old PCs/laptops in my parents’ house because we’re all too paranoid to get rid of them.

      • Alarive says:

        It’s not a weird hobby, they are tests to see the vulnerabilities in these systems and programs. With enough info his plan is/was to go to the media with this so more people know would know about it. Look at how much distrust is now being assigned to Apple. They are not the only ones.
        And you are right to be paranoid, but you can also remove your computer’s hard disk and sell the rest for parts, if you are interested in doing so.

      • THEAnti-socialbutterfly says:

        We let out kids disassemble them and batter the hard drives to death, lol.

      • littlemissnaughty says:

        @ Alarive: I do find it to be a weird hobby but that’s just me. Maybe because this isn’t news to me, I’ve seen it/read about it quite a few times but most people don’t really understand the concept of deleting vs. erasing all data. I know there’s a difference but I’m too lazy to find out how to completely erase my hard drives so the old stuff is just sitting there.

        Smashing them would be a solution but I just haven’t been motivated enough. LOL

        Now, the damn cloud is a different matter. I have no clue how to work that thing.

      • word says:

        Yes, I keep all my hard drives from old computers. They can be restored by a hacker very easily ! I don’t take nude pics, but I do on-line banking, taxes on-line, etc…

    • Dee says:

      This is also true of Scanners and fax machines. Most people aren’t aware but almost any machine (read: every machine) equipped with a computer chip can and does retain the information you feed it, even when they only seem like mediums to transfer info somewhere else. My cousin is a white hat hacker (professionally) and he was hired last year as part of a team to investigate a high level employee suspected of embezzling. He was able to find papers/receipts/money trails/emailed she had scanned or faxed then deleted from her computer or destroyed the hard copies thinking she was safe. You never are, not if the person looking has enough of a reason to dig deeper. This is why I have never used a public scanner or fax machine for important documents such as like in Kinkos or Office supply stores.

    • Tiffany :) says:

      This is why I think people should be looking past the “nude celebrities” aspect of this story, and realize that most people are vulnerable to having their information stolen. I wish more focus would be on security, and not whether or not these were good girls or if they were stupid or not.

      I mentioned yesterday, there is geographical information inside digital photographs. Therefore, seemingly innocent pictures of children can be used by predators to find and locate specific kids. That is just one example of this kind of vulnerability.

  15. la_boux says:

    The reason Apple isn’t taking responsibility is because there’s a good chance it’s not their fault.
    The latest investigation updates show the photos may have come from multiple sources (like Dropbox and iCloud), and were gathered by different hackers over a long stretch of time. The most likely culprit is still social hacks, where assistants are tricked into providing passwords to the celebrity accounts or customer service reps are tricked into resetting passwords. Those types of hacks are actually the easiest to commit.
    The more disturbing part is that there was a group on 4chan for years bragging about stealing and sharing these photos before their activity finally came to light.

    • Renee28 says:

      This is what I’ve read. Everyone is blaming Apple but one of the tech sites said this wasn’t a mass hack like the recent credit card breaches. This was targeted attack based on the pictures people requested. The majority of the pictures came from the cloud but all of these storage sites were probably hacked.

    • jwoolman says:

      Yes, that was my take on it. I think they would be able to tell if it was due to an “iBrute” attack, trying different password possibilities over and over again via a computer program. They seem to be saying that this did NOT happen, although they saw it was a potential problem and secured it by reducing tries. I know my iTunes account on my iphone has always allowed limited tries (I’ve had to change my password because of it). I am not very familiar with iCloud because I never trusted it. So I only turn it on when feeling the need to save my progress on Tetris Blitz…

      The Mac itself has always been very easy to troubleshoot- most problems vanish on restart. At worst, reinstalling the system (which was very easy, especially compared to Windows) would fix things. Techs who worked on networks said the vast majority of their time was spent in the Windows machines, and non-techies could easily be taught to troubleshoot software problems in the Mac but a “techie priest” was generally needed for the other machines. Software developers found it much easier to work up the Mac version of programs and tech support got only a small percentage of calls from Mac users even when they accounted for 50% of the sales. This matched my experiences with Windows-based colleagues, who unless computing challenges were a hobby for them, had to struggle with both software and hardware and rely on tech support while the Mac-based crowd didn’t. We (translators) mostly work in home offices or small agencies, so easy troubleshooting is a must. In a large office with in-house tech support and extra computers to which you can shift while someone else solves the problem- it doesn’t matter which species of computer you use. But when the mac put Intel inside, making Windows emulation programs faster than ever before, I was surprised to see a large exodus of Windows translators to the mac. They were on Windows only because a certain type of professional program required it back in dongle days. They were tired of the struggle… 🙂

      BUT the iPhone is not the Mac… which is a disappointment to me, although to be honest their rigidity has made things actually more secure than other systems. The iBrute hole is an odd huge oversight but that doesn’t seem to be the source of the problem in this case. The reason the iPhone itself was assumed to be the problem is more likely simply because it’s a popular system and everybody hacked (all with plenty of money, although iPhones are not that expensive with a 2 year contract) had an iPhone. I do agree that they need to do a much better job explaining exactly how to set up things properly. The Mac has always had setup tutorials/assistants that actually take you exactly where you need to go and explain the options. Things are much more complicated nowadays, but it can be done. It shouldn’t be so hard to figure out how to use such features properly.

  16. Algernon says:

    “Apple gives the impression that their products are not as vulnerable to hackers or viruses as PCs.”

    They should really stop with that because at this point, it’s just waving a red flag at hackers.

    Also, their statement is complete BS. I understand they’re covering their a$$es in case of lawsuit, but come ON. This happened because Apple has/had a security vulnerability. And saying “you didn’t use our needlessly complicated security features correctly” is sort of admitting that your security is questionable to begin with. Stuff like this should be clear and concise and user friendly. I shouldn’t need a coding degree to secure my online presence.

    • jwoolman says:

      Actually, it used to be true for many years. Macs have always been far more secure than Windows machines. This is due to Microsoft’s lack of attention to security issues. For years, just about the only thing that could affect us on the Mac were macro viruses in MS products, hence the advice to avoid enabling the macros in a foreign doc. A few years ago, the German government banned MS software on all government computers (I think they went to Unix as the OS, not sure) because of all the wasted time spent dealing with viruses and worms. I was only indirectly affected by all the hackers, because the whole net was sometimes affected. One worm had the net paralyzed for several hours and limping for weeks. Took me several hours of retries on the first day to get an urgent file to a panicked project manager (he finally though to give me his personal e-mail address, which had recovered). E-mail continued to be delayed or disappeared because servers were so hopelessly clogged. A credit card payment I made online was automatically declined by my bank because that’s what bank computers do when they’re running slow- and banks depend on the net today.

      But the hackers also focused on MS systems because businesses were so heavily invested in Windows and are slow to change. Macs were nominally a small amount of the pc market for that reason, even though individuals in various professions were using macs at a much higher rate (language professionals, graphic artists, scientists and engineers for everything but running stuff automatically in the lab, schools, and home users). So the easiest way to muck things up on a grand scale was to hit Windows users. Add to that the common dislike of Microsoft (they really make awful software that gets worse with every upgrade, care nothing about backward compatibility, take ages to issue patches for severe problems that they deny exist, and have an incredibly greedy and ridiculous licensing scheme) and Microsoft’s legendary carelessness about security – and you can see why that also has made it a popular target.

      But Apple’s iOS is now established as a front runner in the smartphone base, and since iOS is not the friendly beast that Mac OS has been – Apple is ticking people off, also. They can’t assume hackers will focus just on Microsoft any more.

  17. aquarius64 says:

    Apple is in full damage control mold so not to lose customers….

    OT: Jennifer Lawrence is going to have a problem getting her nudes. According to TMZ, the site that have them has thrown down the gauntlet to her lawyers. Some of her nudes are not selfies, and under some crazy law the person who TOOK the pictures is the rightful owner. The precedent was the Ellen Degeneres Oscar pics with other celebs; Bradley Cooper took the pic, so Cooper owns it. Bottom line – that site is saying to JLaw’s lawyers prove she had a copyright to the nudes or name who took them. Those pics must be potentially career damaging for them to go this route.

  18. Lydia says:

    Apple needs to start investigating its employees. I won’t be surprised if someone who has access to the accounts is responsible for this. Eva Longoria stated this morning that an Apple employee sent her an email after accessing her account information.

  19. PennyLane says:

    I know that this is probably overly optimistic, but I really hope that people can get past the entire “whores! tramps! it’s all their fault!” thing and realize that these celebrities are just the canary in the coal mine and that these hackers are coming for all of us.

    Also, the risk is just going to get worse: since the 1000 photo storage limit will soon be gone, ALL of everyone’s photos will always be stored in their iCloud:

    http://www.macworld.com/article/2359708/icloud-meet-photos-whats-changing-for-your-images-in-ios-8.html

    “Monday’s Worldwide Developers Conference keynote was an exciting one for me on multiple levels, but the icing on the cake was seeing Apple’s plan for handling images and video on iOS. Come the fall, the company’s 1000-photo iCloud sync limit is history, to be replaced by an all-encompassing, some-storage-required iCloud Photo Library. It’s a pretty big shift for both the company and its users….”

    What could possibly go wrong?

    • Monksolo says:

      considering how cheap memory is, drives, USB keys, you name it –there really is no excuse for this big push on the part of Apple and Google to develop huge central warehouses to store people’s personal information, apart from being able to snoop in their lives.

    • Tiffany :) says:

      I really hope that people can get past the entire “whores! tramps! it’s all their fault!” thing and realize that these celebrities are just the canary in the coal mine and that these hackers are coming for all of us.

      YES!!!!!!
      “Canary in the coal mine” is a PERFECT description, thank you! This should be a serious wake up call about how vulnerable we ALL are, regardless if we take nude photos. I have seen so many comments that deflect the issue by making judgments about the photos themselves, and miss the point about the bigger picture they are a part of.

    • Tiffany :) says:

      But even if society adopts an attitude that laughs off nude photos…there is still the underlying issue that private information is being stolen and sold.

    • PennyLane says:

      Exactly! People need to get over themselves.

    • jwoolman says:

      If so, I predict a huge influx of naked cat pictures into the iCloud…

    • jwoolman says:

      Basically, the “Lady Godiva” approach. She had to ride the horse naked, but everybody refused to look…

  20. Buttock Fatock says:

    “You must wait 3 days to enable two-step verification”. Good grief, Apple. You’re killing me.

  21. Ruyana says:

    I used to feel ashamed that I am old and completely clueless about anything to do with technology. I gave my iPad to my son because I couldn’t learn to use it.

    After all this mess I don’t feel so bad.

  22. TheCountess says:

    Apple is not wrong; security measures are only as good as the end-user using them. For starters, every user should be using two-step authentication whenever it is offered. Next, unless you are regularly working on materials you NEED to access from electronic devices that are in different physical locations, do not use Cloud storage. Keep your backups on an encrypted, external hard drive. Do NOT back up your iPhone camera roll to the iCloud photostream – and if you have, zap it from your phone and your laptop.

    All indications are that this was a brute force attack. Users who were not utilizing multiple security measures were vulnerable – hence the name “brute force.” They’re looking for people with weak, or no, protections on their data, and they found them. 4Chan users brag about doing this routinely to non-celebrity women. We all have to be proactive and aggressive, and not expect Apple – or anyone else, really – to do the work for us (though of course, they should provide the means to enable us).

  23. EllaM says:

    I bet most of the women weren’t aware of the fact that their pics were stored in the cloud and that’s the main problem and it’s not exclusive to Apple. I installed Google+ on my Android device and all pictures from it were uploaded to my G+ account. Uploading can be turned off, but this is an option that should be turned off by default.

  24. Ginger says:

    I have multiple Apple products and don’t use the cloud either. But it is confusing. My hubby is in IT and even he has trouble explaining the cloud so I just avoid it.

  25. The Original Mia says:

    I used to love iTunes until it lost most of my songs during an update. Since this breach, I’ve put all my pics on my desktop PC for safe keeping. This is the second breach Apple has addressed after the fact. The Samsung 5 is looking real good right now.

  26. becky says:

    It’s not just Apple. If you download Picasa, it sorts all the photos and videos from Iphoto into albums, and its default album setting is public. So for a few minutes, until the settings are changed, all photos are public under photos in your Google account.

  27. jammypants says:

    Hm, I used to have trouble looking for photos/videos, but if you open your Image Capture app (if you use Macs), you have access to all your files that you can save to your desktop and/or delete. As for iCloud backup, that one is a tricky matter. You can also backup instead to your desktop by fiddling with the iTunes settings.

  28. CC says:

    How can they say it’s not their fault? The fact that there was no lockout or notification to the account owner after X failed attempts is entirely Apple’s fault. Hell microsoft email does this by default!

    Instead, they allow their design to be exploiteed by a bot (this is what a brute force attack really is, it’s not “social engineering” to guess passwords) who kept hammering the system with sequential passwords until successful, since, once again, there was no lockout to prevent more than, say, 3 failed attempts in a row.

    • jammypants says:

      I agree. Apple completely dropped the ball and shifted the blame by stating the obvious that the hackers, indeed, were targeting specific accounts. That still did not explain their vulnerability they had no protocol for.

  29. Veronica says:

    “systems weren’t breached, this was a targeted attack”

    Yes…a targeted attack that breached your system. WTF else do you think a hacker attack does? GTFO out of here, Apple.

    I upgraded to a smartphone to the first time this year, and I went with the iPhone 4s. I have to say after less than a year of using it and already having to replace it once due to a minor fall (with a case on!) that I am not impressed with the product and am baffled by why it is so popular. The system is not what I’d consider exceptionally user friendly. I had to quest my way through the setting options to find basic commands that were easily accessible on other phones. I won’t even get started on iCloud. So while I don’t think some user error may contribute, something this significant is not the fault of a user. A system is supposed to be designed to be accessible to the lowest common denominator, whether they like it or not. I’m far more likely to trade in for a Droid or Samsung the next time I upgrade, and they’re approach toward this issue is not helping to sway that decision.

  30. LAK says:

    I gave up on apple products a long time ago, after becoming frustrated with their very unhelpful customer services. Their response to this hacking is completely in line with all my frustrations with their products.

    It might not be hip or cool, but PC, Samsung and Blackberry have not let me down yet!

  31. Flower says:

    The word in ‘geekdom’ is that these photos did not come from 100’s of different accounts but from one account that has been downloading and storing these pix for years, probably by someone working at Apple with wide and deep access to cloud accounts. When the hacker is found, if it turns out he works for Apple then the company could be hit for for compensation in a court of law.

    • Flower says:

      I meant to say that when the hacker is found , if it turns out that he down loaded them from one account and that account had been set up by an Apple employee then they are in trouble.