Katie Marsal
As part of its efforts to beef up iCloud security and prevent unauthorized access, Apple now by default sends users an email when someone has logged into their iCloud account through a traditional Web browser.
Starting Monday morning, just a day before the company is expected to show off its next-generation iPhone, users began receiving emails notifying them of access to their account through the iCloud.com site.
The email informs users that their Apple ID was used to sign in to its iCloud account via a Web browser. The note includes a date and time that the account was accessed.
Users are told that if the access was authorized, they should disregard the email. But if someone else may have gained access to their account, a link to quickly reset the Apple ID password is provided.
The new security measure is enabled by default, unlike more extensive methods users can employ, such as two-step verification for iCloud and iTunes accounts.
Apple Chief Executive Tim Cook signaled last week that his company planned to roll out new iCloud security alerts, and also that two-step authentication would become available to more iCloud users worldwide. The changes come on the heels of a celebrity hacking scandal, and also as the company is expected to offer new functionality, including a rumored mobile payment system, with its next-generation iPhone.
After a number of private celebrity pictures leaked onto the Internet last week, Apple spoke out to dispel rumors that its iCloud service had been hacked. Officials at Apple reportedly looked into the leaks and found that targeted attacks were used to steal the images, while the iCloud service remains safe and secure.
It's believed that the images have been circulating amongst a close-knit group of hackers and file traders on the Internet for some time, potentially years. The images showed celebrities taking "selfies" with a number of handsets, including Apple's iPhone, as well as Android and Blackberry devices.
Christine McKee
Charles Martin
Oliver Haslam
William Gallagher
Sponsored Content
37 Comments
Stuff like this was simple for Apple to do from the start. Glad it's finally here, though.
I don't know if this question has been definitively answered, but I'll ask anyway: is iCloud protected against 'brute force' password hack attacks?
I personally don't mind some type of notification when there are invalid login attempts either. If someone is trying to break into my house, I want to know when and who. Some way of reporting suspicious activity would be nice too.
Bit late by then - surely should provide 2-factor auth? (Although I'm sure that's a significant change they'll be working on furiously already). And what email do they send to? If someone's logged into icloud they can just delete the mail?
Time to create a filter in gmail.
I'd much rather get an email after there have been like 10 failed attempts to access my account - regardless of which way it happened (web, OS X, iOS, whatever). That way I know if someone is trying to brute force my account.