Apple Confirms ‘There have not been any breaches” as Hackers Hold iPhone Maker to Ransom

massive hack on iphone user data

Apple has confirmed that there have been no security breaches to its systems by hackers threatening to remotely wipe out data on over 550 million iPhones if Apple doesn’t pay them a ransom.

The data in question has not been verified for authenticity, but an Apple spokesperson did say that, if legitimate, the list was not obtained by hacking into Apple’s security systems. The spokesperson told Fortune in an emailed statement:

“There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.”

The hacker group that threatened Apple is calling itself the “Turkish Crime Family” and said that it would wipe all the data from the password-compromised iPhone devices unless Apple paid a ransom amount of either $75,000 worth of Bitcoins or Ether, or $100,000 worth of iTunes gift cards.

Obviously, that amount sounds like pocket change when you consider the fact that they claim to hold 559 million Apple email and iCloud account details, but the perpetrators have apparently given Apple until April 7 to comply with their requests.

According to Fortune, a person in the know about the allegedly hacked data set claims that many of the email accounts and passwords matched data that was leaked from a 2012 breach of 100 million LinkedIn accounts. Details of that hack only came out last year.

How likely is it that hundreds of millions of iPhones can be wiped clean of data remotely? That’s a highly debatable fact, but Apple is not taking any chances. The Apple spokesperson also confirmed that the company was “actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.”

Changing a password to a complex and unique one is standard practice after a hack, but how many of those hundreds of millions of affected people will actually comply. If the bad actors carry out their threat, it could be a big loss for millions of iPhone users.

Hackers often recycle hacked data and use to launch new ransomware attacks on individuals. If the data is, in fact, from the old LinkedIn hacks and people have still not changed their passwords, they could be at risk. Furthermore, a lot of people tend to use the same passwords on other sites. With the email-password combination being the same on multiple sites, it makes it a lot easier for hackers to compromise even more data based on the data they already have.

Apple is not revealing anything about possible actions it will take to protect users, but don’t be surprised if you see a new prompt on your iPhone asking you to change your password for iCloud over the next couple of weeks.

Thanks for reading our work! Please bookmark 1redDrop.com to keep tabs on the hottest, most happening tech and business news from around the world. On Apple News, please favorite the 1redDrop channel to get us in your news feed.