Apple Breached?

Story:
On March 21st of this year, Motherboard released an article about a possible security breach to Apple and its iTunes’ accounts.  According to the article, a hacker group calling themselves the ‘Turkish Crime Family’ has acquired a cache of iCloud and other Apple user names and passwords and are attempting to extort Apple for $75,000 in bitcoin or $100,000 in iTunes gift cards.

Apple has stated that there have been no breaches to any of their systems.  According to an article from Wired, Apple has stated, “The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services. We’re actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved.”Apple has gone on to say that they do not perceive the hacker group as a credible threat.

Apple has gone on to say that they do not perceive the hacker group as a credible threat.  In some ways, it is easy to see why they feel that way.  I’ve honestly waited until now to write about this because the more that is published and I read, the story seems to change and the group even changes their story.  Even in the first article, there was a discrepancy in the number of accounts the group claimed they had in their position.  Now, from all that I’ve read, they’ve either upped their demands or the story keeps changing.  Now the threat includes everything from locking people out of their accounts to wiping 250 million iPhones.  They have even apparently given a deadline of April 7, just 3 days away, for Apple to comply with their demands.

Recommendation/Solution:
Regardless of the threat credibility, the solution for everyone is actually quite simple.  The simple answer to this problem if you are worried is . . . change your iTunes password.  I know it sounds so repetitious of me, but it really is that simple.  If what the hacker group has is truly active credentials for iTunes/iCloud, then we can all just take away the threat by changing the passwords so that whatever the information they have is no longer any good.

My personal recommendation is to do just that.  I have already changed mine.  I suggest you change yours.  Now, I know that many of you have multiple Apple devices that will require you to update your password once you change it.  I am not different.  I have 4 devices that will need updating with my new password, but it seems a small price to pay to protect myself and my data.

Remember, the group has given a date of April 7, so I suggest changing your password as soon as possible if this worries you at all.  For the sake of fair play, below I’ve provided three links to different articles to let you decide for yourself.  My opinion is still the same though.  It’s a simple fix versus rolling the dice.

Motherboard Article
Wired Article
Fortune Article

As always, be safe.

Austin Bynum
Chief Watchman
Cyber Watchtower

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s