They allege access to over 559 million Apple accounts, including the ability to remotely wipe devices
Earlier this week, a hacking group going by the monicker ‘Turkish Crime Family’ attempted to extort Apple over a claim that they had breached over 559 million Apple accounts, including iCloud and Apple ID logins. According to a report on the Vice website Motherboard, the hackers have demanded a ransom of $75,000 worth of Bitcoin or Etherium (two popular crypto-currencies,) or $100,000 worth of iTunes gift cards, after which the group claims they would delete the supposed collection of user data.
The hackers have provided screenshots of the alleged mails originating from the group members to various members of Apple’s security team, where the group had even posted a video depicting the process of logging into what appeared to be an elderly woman’s iCloud account, showing the backed-up photographs as well as the capability to remotely wipe the user’s phone.
According to Motherboard, Apple has responded to the group informing them to remove the video, as well as stating that their correspondence has been shared with the authorities for further action. The hackers have since replied claiming they will reset numerous iCloud accounts and even remotely wipe the devices of victims they allegedly have access to, unless Apple pays the amount they demand is paid by 7 April. The hacker group has also reached out to several media outlets, a common tactic to amplify their message even though the threat may actually be empty.
Apple has since reassured their customers that its systems have not been breached, despite the hacking group claiming otherwise. "There have not been any breaches in any of Apple’s systems including iCloud and Apple ID," the spokesperson said. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services." Apple added that they are actively monitoring their systems to prevent unauthorized access to user accounts, while collaborating with the relevant legal authorities to locate the extortionists.
Safety first
How do I stay secure online?
These rules of thumb can help lower the chance of your logins from being compromised:
- Use a robust password comprising letters, numbers, a mix of upper/lowercase, and symbols. Ideally use a 15-20 character phrase that is only familiar to you.
- Set up 2-step authentication in all online service that supports it -- this feature it adds an extra layer of security to your login.
- Do not use the exact password across multiple online services -- introduce minor variations among them.
Interestingly, the user data that they criminals allegedly possess appears to resemble that of the LinkedIn data breach that happened last year. This facet was revealed by an individual familiar with the contents of the alleged data, as reported to Fortune. Reusing data from previous hack attempts is a common ploy that hackers use to make their exploits appear more legit.
The veracity of the hackers’ claims and the implications of its outcomes are still unclear, but we will continue to report on this story as it unfolds.
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
 "Apple store"){kind=logo}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
)
){kind=small}
){kind=small}
)
)
)
)
)
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}