Apple 'actively investigating' celebrity photo leaks for possible iCloud connectionApple on Monday confirmed in a short statement that it is in the process of determining whether or not security breaches in its online services were responsible for the outing of hundreds of racy photos of celebrities, including actress Jennifer Lawrence and model Kate Upton, over the weekend.
"We take user privacy very seriously and are actively investigating this report," Apple representative Natalie Kerris told Re/code. The company has not made any further public comment.
Rumors of an iCloud security breach began circulating as soon as the first photos hit the web on Sunday, though there remains scant evidence to support the claims. The original poster of the images on web forum 4chan indicated that the shots had been collected from Apple's online service, but also admitted to having gathered the photos from others, making it unlikely that they are privy to the technical details of the leaks.
The fact that many of the celebrities were shown taking "selfies" with Android or Blackberry handsets cast even more doubt on iCloud's role. Other services, including Snapchat and Dropbox, have also been implicated at various times with similarly nonexistent levels of evidence.
Adding confusion to the mix was the Monday disclosure of a flaw in Apple's "Find my iPhone" service that could allow attackers to use brute force tactics against weak iCloud passwords when the login email address was known. Apple quickly patched that hole, and it is unclear what role, if any, it may have played in the leak.
Numerous previous leaks that had been initially attributed to "hacks" were later found to actually be the result of a combination of social engineering techniques and poor password management on the part of the victims, and those issues remain the most likely explanations for Sunday's release.
On Topic: Security
- New guidelines may push Apple to switch away from SMS for two-factor authentication
- Pokemon Go players sacrifice full Google account access, pair of fixes coming soon
- Another Mac-specific malware pops up, but Apple's Gatekeeper still prevents infection
- New Mac malware can remotely access FaceTime camera, but macOS Gatekeeper users are protected
- Apple's differential privacy in iOS 10 is opt-in, limited to four use cases