Subscribe

Apple says hackers attacked iCloud

Apple announced security warnings for its iCloud storage service after organized attacks. Apple said the attacks were trying to obtain users' information.

  • close
    Apple CEO Steve Jobs introduces iCloud during a keynote address to the Apple Worldwide Developers Conference in San Francisco, Monday, June 6, 2011.
    Paul Sakuma/AP/File
    View Caption
  • About video ads
    View Caption
of

Apple has posted a new security warning for users of its iCloud online storage service amid reports of a concerted effort to steal passwords and other data from people who use the popular service in China.

"We're aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously," the computer-maker said in a post Tuesday on its support website. The post said Apple's own servers have not been compromised.

Apple's post did not mention China or provide any details on the attacks. But several news outlets reported Tuesday that some Chinese Internet users have begun seeing warnings that indicate they had been diverted to an unauthorized website when they attempted to sign into their iCloud accounts.

Recommended: iOS 8 vs. Android: 8 ways Apple is catching up or pulling ahead

That kind of diversion, known to computer security experts as a "man in the middle" attack, could allow a third party to copy and steal the passwords that users enter when they think they are signing into Apple's service. Hackers could then use the passwords to collect other data from the users' accounts.

Chinese activists blamed the attacks on that country's government, according to news reports and the Chinese activist website GreatFire.org, which suggested the campaign was spurred by the fact that Apple recently began selling its newest iPhone models, the iPhone 6 and 6 Plus, in China. The new smartphones have software with enhanced encryption features to protect Apple users' data.

Apple, which is based in Cupertino, California, said in its post that the attacks have not affected users who sign into iCloud from their iPhones or iPads, or on Mac computers while using the latest Mac operating system and Apple's Safari browser. But the company suggested users should verify they are connecting to a legitimate iCloud server by using the security features built into Safari and other browsers such as Firefox and Google's Chrome. The browsers will show a message that warns users when they are connecting to a site that doesn't have a digital certificate verifying that it is authentic.

"If users get an invalid certificate warning in their browser while visiting www.icloud.com , they should pay attention to the warning and not proceed," Apple said in the post.

The attacks appear unrelated to an episode last month in which hackers stole nude photos from the iCloud accounts of several U.S. celebrities. In that case, Apple said its investigation concluded the hackers had obtained the users' passwords through so-called "phishing attacks" or by guessing at the answers to security questions that allowed access. The company said its servers were not breached in that case.

About these ads
Sponsored Content by LockerDome
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
FREE Newsletters
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK