Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple 'actively investigating' celebrity photo leaks for possible iCloud connection

Apple on Monday confirmed in a short statement that it is in the process of determining whether or not security breaches in its online services were responsible for the outing of hundreds of racy photos of celebrities, including actress Jennifer Lawrence and model Kate Upton, over the weekend.

"We take user privacy very seriously and are actively investigating this report," Apple representative Natalie Kerris told Re/code. The company has not made any further public comment.

Rumors of an iCloud security breach began circulating as soon as the first photos hit the web on Sunday, though there remains scant evidence to support the claims. The original poster of the images on web forum 4chan indicated that the shots had been collected from Apple's online service, but also admitted to having gathered the photos from others, making it unlikely that they are privy to the technical details of the leaks.

The fact that many of the celebrities were shown taking "selfies" with Android or Blackberry handsets cast even more doubt on iCloud's role. Other services, including Snapchat and Dropbox, have also been implicated at various times with similarly nonexistent levels of evidence.

Adding confusion to the mix was the Monday disclosure of a flaw in Apple's "Find my iPhone" service that could allow attackers to use brute force tactics against weak iCloud passwords when the login email address was known. Apple quickly patched that hole, and it is unclear what role, if any, it may have played in the leak.

Numerous previous leaks that had been initially attributed to "hacks" were later found to actually be the result of a combination of social engineering techniques and poor password management on the part of the victims, and those issues remain the most likely explanations for Sunday's release.



210 Comments

lunarmoon 29 comments · 16 Years

#1 rule - never have pictures of yourself naked on a phone, any phone or computer. #2 rule - never let anyone take your picture naked. follow these two simple rules.

philboogie 7669 comments · 15 Years

1) Why put up a 938KB ""10314-2477-photosharing_hero-l.png? Can't AI simply put an 80KB .jpg in the thread instead please? 2) Bit late to the party on this story AI, already discussed in depth over here: http://forums.appleinsider.com/t/182037/apples-secret-iphone-6-digital-payment-system-said-to-also-include-visa-mastercard FYI, that was yesterday 3) I didn't see any proof of a 5.5 incher in those pics¡

theothergeoff 2081 comments · 14 Years

Quote:
Originally Posted by AppleInsider 
[....]The original poster of the images on web forum 4chan indicated that the shots had been collected from Apple's online service, but also admitted to having gathered the photos from others, making it unlikely that they are privy to the technical details of the leaks.
[....]
The fact that many of the celebrities were shown taking "selfies" with Android or Blackberry handsets cast even more doubt on iCloud's role. Other services, including Snapchat and Dropbox, have also been implicated at various times with similarly nonexistent levels of evidence.
[....]
Adding confusion to the mix was the Monday disclosure of a flaw in Apple's "Find my iPhone" service that could allow attackers to use brute force tactics against weak iCloud passwords when the login email address was known. Apple quickly patched that hole, and it is unclear what role, if any, it may have played in the leak.
[....]

lots of people 'get' photos via email or MMS... although it's an exercise for the user to put them into your photo stream, it's a pretty minor effort to mine your apple email if I got your password by hook or by crook.  Or just hook up a phone to each of these accounts with the apple ID password, and latch onto the streams of information (notes, photo streams, etc).

 

 

NB:

I love the irony of people who get photographed at various levels of undress, and then take/get/store pictures of themselves in various levels of undress, and then claim foul when they feel their 'privacy' was impinged. (I know, the choice of what is published and what is personal is the very definition of privacy).  'Exposure' is their only fungible asset.

 

Now Justin Verlander... what did Mickey Say "Lay off the Women... Women Weaken Legs!"  He got more than his fair share of exposure.

theothergeoff 2081 comments · 14 Years

Quote:
Originally Posted by PhilBoogie 

3) I didn't see any proof of a 5.5 incher in those pics¡

No, but there were a couple of definite 'large diagonals' exposed.;-)

bigpics 1397 comments · 19 Years

Leaving anything you don't want seen in an online computer or repository with anything less than best practices (frequently changed LastPass passwords, two factor authentication, 256 bit AES encryption, e.g.) is an invitation to the [B][I]"hackarazzis"...[/I][/B] ...that said, sometimes I wonder about some of the photos that get leaked, i.e., I can see wannabe D-listers, somewhat there starlets who can't get press, and those finding themselves losing relevance, "Wow, look what leaks did for Paris Hilton and [insert relevant 15 minutes of fame and looking for more name here]...." ....and then kinda, sorta, maybe leaving some stuff where it practically begs to be picked up and published, and then getting in front of the media cameras all indignant (but lookin' good!) and upping their Q factor...