Is Your Data Safe on iCloud Despite Multiple Hacker Attacks Over the Years?

Almost two years ago today, on August 31, 2014, the world was shocked by celebrity photos that were allegedly hacked from Apple’s cloud service, iCloud. The controversy rocked the media world because of its scale and the rapidity with with “the Fappening” was released to the public. Nearly 500 photos of mostly female celebrities were posted on social media sites Reddit, Imgur and Tumblr and caused a media disturbance of seismic proportions.

Three weeks later another batch of similar photos was leaked, presumably by the same group of hackers; and less than a week after that a third batch hit the internet.

Now all of this happened when Apple devices were still on iOS 7. At the time Apple CEO Tim Cook assured the media and users that steps would be taken to tighten not only account authentication, but also the notifications that are sent when devices are synced on a new desktop. The changes were implemented in the iOS 8 operating system that followed the debacle.

The company was criticized for “doing too little” to prevent the attacks despite being aware of a potential flaw in their iCloud security system that a London-based software developer had told them about nearly six months prior to the Fappening.

But That Wasn’t the End of It

Four months later, in January 2015, yet another attack was mounted on iCloud. But this time, Apple reacted quickly and patched the hacking tool within days of the threat. This time, however, it was the hacker himself who led Apple to the security flaw. He calls himself Prox13:

“The bug is painfully obvious, and it was only a matter of time before it was privately used for malicious or nefarious activities. I publicly disclosed it so Apple would patch it.”

This time, the hacking tool used what is called brute-force method that tried to hack an account using hundreds of commonly used passwords such as P@ssword, Whatever1 and so on. The tool also bypassed Apple’s security protocol that disables an account after 10 wrong password tries, and it even claimed that it broke the two-factor authentication that was set up in iOS 8 after the Fappening.

Then, again, in July of last year, a white hacker – someone who uses their skills to find security flaws and informs the company so it can fix them – discovered another security bug that would actually transmit passwords directly from users to the hackers.

Another major shocker was revealed in February this year when Apple users reported that their devices were locked and a ransom message in Russian was displayed on their screens. Further investigation revealed that the number of affected devices could number up to 40 million in the United States and Europe, but the figure was later found to be blown out of proportion. The threat involved breaking into the Find my Phone service and locking it down with a preset message displayed on the screen. Essentially, Apple owners were being treated like they stole their own phones and the real owner was holding their devices for ransom.

So, Is iCloud Safe to Use?

With so many incidents in a short span of time, it’s impossible to say that iCloud is 100% safe. Hackers are constantly burning the midnight oil to find new ways to attack secure systems.

To Apple’s credit, they’re also constantly looking for hack-proof security measures and continue to send update after update that strengthens the wall of security between your device and a potential hacker. They also have white hackers working overtime to discover security flaw so they can patch them before an attack actually happens.

But get this: sometimes, it’s your own ‘security habits’ that put you in harm’s way. Read on…

So How Do I Protect My iCloud Data?

The worst reaction from a user would be to stop using iCloud. It is a highly secure and reliable cloud storage environment. Despite the attacks, cloud is one of the most secure places to store your data. However, as a user, there are several things you can do to make sure that hackers find it extremely difficult to access your account.

  1. Use a complex password. Click on this link, where I’ve explained how to set an alphanumeric passphrase instead of using the six-digit default passcode option.
  2. Always update to the latest iOS version. If you’re on iOS 9, then update it to iOS 9.3.2
  3. Use the Find my Phone feature so if it’s stolen or lost you can immediately wipe all your local data.
  4. Use iCloud Drive. It’s convenient and it’ll help you save a lot of wasted space on your device. Your data is also a lot safer in the cloud than it is on your phone.
  5. Read my recent article on iPhone security for even more tips.

More Ways to Secure your iPhone from Hackers

In closing, let me just say that where most security systems are concerned, the user is usually the weakest link. And you know what they say about the entire chain only being as strong as the weakest link, right. It’s hard to admit, but our security practices more than anything else put us at great risk. So be aware, be smart and take mobile security seriously.

Thanks for reading our work! If you’re reading this on Apple News, please favorite the 1RedDrop channel (next to our logo) to add us to your news feed, or Like our page on Facebook. Please bookmark our site for more insightful articles on current and future technologies that are changing our lives.