2 min read

Apple: If hackers have our customers passwords, they didn't steal them from us

Graham CLULEY

March 23, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Apple: If hackers have our customers passwords, they didn't steal them from us

If you were worried that hackers might wipe millions of iPhones, Macs and iCloud accounts there’s some good news today.

If you remember, a group calling itself the “Turkish Crime Family” was claiming to have a stolen database of millions of Apple customer credentials, and threatening to wipe them remotely unless Apple agreed to pay a ransom demand by April 7th.

As news of the Turkish Crime Family’s threats began to make headlines there was a worrying silence from Apple, which can’t have done much to reassure its customers.

But now, in a statement issued to Fortune, Apple has declared that its systems had not been hacked:

“There have not been any breaches in any of Apple”s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.”

All of which, of course, does not necessarily mean that hackers don’t have their sweaty paws on Apple customers’ usernames and passwords. After all, they may have grabbed them courtesy of one of the other high profile megabreaches (LinkedIn and Yahoo spring instantly to mind)

But don’t worry, if the extortionists do still follow through with their threats Apple isn’t leaving its users high and dry:

“Apple is actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.”

Frankly, this is great advice.

Yes, you should always have strong, hard-to-crack passwords. And you should always ensure that your password is unique, and not being used on any other sites.

But more than that, enable two-factor authentication (2FA) on your Apple-related accounts. 2FA is the arch enemy of account hackers, because it means that they’ll need more than just your password to gain access.

In all likelihood, anyone attempting to break into your 2FA-protected account will simply find it too difficult – and attempt to find someone else who has been less diligent about defending their online lives.

There is little reason for you to feel nervous if you have been following the advice we have been offering here on the Hot for Security blog for years: make your passwords strong, make them impossible to guess, make them unique, and enable two-factor authentication to harden your account security.

If you adopt best password practices you will have dramatically reduced the chances of having your account compromised and – if it ever does happen – reduced the impact that it will have on the rest of your online existence.

Meanwhile, it remains to be seen if the Turkish Crime Family follow through with their threats. Until we see evidence to the contrary, I think it might be wise to be a little skeptical – whilst still ensuring that our accounts are properly secured.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths
Graham CLULEY

September 30, 2022

2 min read
Honolulu Man Sabotaged Former Employer’s Network and Business Using Still-Active Credentials Honolulu Man Sabotaged Former Employer’s Network and Business Using Still-Active Credentials
Silviu STAHIE

September 30, 2022

1 min read
North Korean Gang Uses Compromised Open Source Software to Distribute Malware, Researchers Find North Korean Gang Uses Compromised Open Source Software to Distribute Malware, Researchers Find
Silviu STAHIE

September 30, 2022

1 min read