Apple has received a ransom threat from a hacking group claiming to have access to data for up to 800 million iCloud account’s.
Hacker’s Claims to have access of millions of iCloud account
The hackers, said to be a London-based group called the “Turkish Crime Family,” have threatened to reset passwords and remotely wipe the iPhones of millions of iCloud users if Apple fails to hand over a total of US$700,000. They have given the company an ultimatum to respond by April 7.
Apple reportedly has denied that the group succeeded in hacking its systems, maintaining that it obtained the email addresses and passwords from previously compromised third-party services. Apple is working with law enforcement on the threats.
The data set in the iCloud hack matches the data found in the 2012 hack of 117 million accounts on LinkedIn, according to some published reports.
The initial reports of a ransom demand of just $75,000 were incorrect, the group said in response to our email query. It actually demanded $100,000 for each of its seven members, plus “extra stuff from Apple that are worth more to us than money,” which it promised Apple it would keep secret.
With iCloud accounts, Apple has the ultimate safety valve … they control the infrastructure behind the accounts,” he added. “Which removes most of the pressure points criminals could use.
A report in ZDNet appeared to lend credence to some of the hacking group’s claims, however. The group provided 54 credentials to the publication, which were verified as authentic based on a check of the password reset function.
Most of the accounts were outdated, but 10 people did confirm to the publication that the obtained passwords were legitimate and that they since had changed them. Those 10 people were living in the UK, and had UK mobile numbers.
Trend Micro is urging iCloud users to protect their accounts by using two-factor authentication, and also to use a password manager.
A password manager helps users create unique passwords for every account and stores them remotely so that hackers cannot access one or two accounts and thereby gain access to many more.
The FBI declined to comment for this story.
Apple officials did not respond to our request to comment, and a Yahoo spokesperson was not immediately available.