Posted by zduncan | Posted in Computer | Posted on 30-05-2012
Tags: Apple, Apple hacked, Apple iCloud, iCloud, iCloud hacked
According to recent reports, a small number of iCloud accounts that were supposedly protected by secure, randomly generated passwords have been hacked, raising suspicion by users that a security breach has happened within Apple’s servers.
Details of the hack come from a thread found on the Apple Support Communities forum. Users of iCloud have since voiced their concern that their accounts have been compromised with one affected customers saying that their Me.com email address was hacked and began sending out spam emails to everybody in the user’s contacts.
According to the user, “I never use my @me email for anything, and I guarantee someone didn’t break into the account by guessing my password (or brute force methods) – it’s a pseudoly randomly generated string of 15 numbers, letters (upper and lower case) and symbols (I worked in IT for many years and am perhaps overzealous about password security, which makes memorization a real pain). I’m worried that Apple’s iCloud servers themselves got hacked, as I see there are a few other people on the forums who are reporting that their account was used for spam in the last few hours.”
An additional thread was also started by a separate user experiencing the same problems. Both threads have relatively low numbers of replies and reader views, which suggests that any coordinated hack of iCloud accounts wasn’t widespread. Those that do believe they were hacked say that they found a series of spam emails in their Sent folders for their iCloud accounts.
The silver lining to this is that the spam emails only went out to contacts synced with the users’ iCloud account. Any contacts from Microsoft Outlook or Mozilla Thunderbird did not receive any spam. In addition to that, most of the users on the thread stated that they do not use their iCloud or MobileMe email addresses. They found out that their accounts had been compromised when they received messages from friends notifying them of the spam.
If you think you have been compromised, contact Apple Support. One user has already done so and stated that Apple Support helped them remove all of their contacts from their iCloud. That seems to be the only response so far as Apple hasn’t officially acknowledged the problem or delivered a viable solution.
Source: Apple Insider – Users raise questions about Apple’s security after iCloud hacks