Earlier this week, we covered a serious case of a group of hackers identified as “Turkish Crime Family” who was blackmailing Apple after supposedly gaining access to countless iCloud. The "ransom" would have to be paid by her until April 7, otherwise personal data would be spread over the network and connected iPhones and iPads would be erased remotely.
It was very strange / suspicious, and Apple tried to calm everyone's moods well before the deadline. In statement sent Fortune, the company vehemently denied that there was a breach in iCloud or Apple IDs as a whole.
There was no break-in on any of Apple's systems, including iCloud and Apple IDs. The supposed list of email addresses and passwords was apparently obtained from third party services compromised in the past.
From the initial analysis of the data, it is believed that this has to do with a major leak on LinkedIn in 2012 (a good way to check if you have been affected by the “Have I been pwned?” Site). Still, Apple said it would continue to monitor the case and work with authorities to ensure that no users are affected.
Still, don't forget to follow our usual tips: the main one is to activate two-factor authentication and, preferably, take this opportunity to change your password if it is too old. It doesn't hurt to be careful.
Update · 03/24/2017 s 09:23
THE ZDNet had access, through the hackers themselves, to a short list of 54 of the credentials obtained by them and managed to confirm that, yes, all are valid.
However, the evidence that they were obtained through some external and old leak is strong. The vehicle contacted some of these people, in this case all from the United Kingdom (they did not understand why the hackers did not give any from the United States), and * all * said that they had not changed the passwords for their iCloud accounts since the original creation, years ago. Several also confirmed that they used the same iCloud email and password on other sites, such as Facebook and Twitter.
The list brings more indications of being something old, because it brings emails with the domain @ mac as well as @ me, a little more recent but also no longer in use by Apple (the official today @icloud. with).
From its contacts with the group, the ZDNet he had a clear impression that they are “naive and inexperienced” and that they are clearly after free media. In one of the contacts, for example, the hackers questioned whether they would be interviewed by the CBS network, which owns the site.