Apple still hasn’t responded publicly to reports that hackers have breached Apple’s iCloud system and hacked it in order to unlock stolen iPhones. While that doesn’t bode well, the company did at least respond to a more recent series of reports of another iCloud breach that allowed hackers to digitally hijack iPhones and hold them hostage for a ransom.
News broke earlier this week that a group of hackers breached iCloud and used Apple’s Find My iPhone, Find My iPad and Find My Mac features to remotely lock devices. The group then demanded ransom payments via PayPal before they would unlock users’ devices.
While some initial reports suggested the group might have hacked iCloud in order to perpetrate its scheme, Apple issued a statement to ZDNet confirming that wasn’t the case at all. Instead, it looks like individual accounts were breached by hackers who managed to somehow obtain users’ passwords.
“Apple takes security very seriously and iCloud was not compromised during this incident,” Apple said in the statement. “Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.”
This is clearly good news — not for the victims of the scam, but for the millions of other iCloud account holders. At the same time, Apple’s willingness to issue a prompt statement regarding this attack makes the company’s silence surrounding the earlier supposed iCloud breach even more worrisome.