A hacker's invasion of dozens of celebrity iCloud accounts, leading to the embarrassing leaking of nude photos, has lessons for us all. Here are five things you should know about what happened.
Which Celebrities got Hacked?
Hacker, named 4Chac, was the major Hacker involved in iCloud leak of explicit Photos of more than 100 Celebrities.
Actress, Jennifer Lawrence, Mary Elizabeth Winstead and model – actress Kate Upton confirmed the images were actually real. Others like Ariana Grande, McKayla Maroney and Victoria Justice claimed nude photos are fakes. A recent statement was made by Victoria Justice via twitter stating
"Shortly after I tweeted about certain pics of me being fake, I was faced with a serious violation of privacy. There have always been fake photos of me on the internet, but I will not be put in the position to defend myself as to what is real or what is fake. I am angry at this massive invasion of privacy, and like the other women who are in this situation alongside of me, I am taking legal action to protect my rights."
Other celebrities that were noted to be hacked are Aubrey Plaza, Avril Lavigne, Cat Deeley, Farrah Abraham, Gabrielle Union, Hayden Panettiere, Hope Solo, Hillary Duff, Jenny McCarthy, Kate Bosworth, Kim Kardashian, Kirsten Dunst, Mary Kate Olsen, Meagan Good, Sarah Schneider, Selena Gomez, Teresa Palmer, Vanessa Hudgens and Winona Ryder.
How did icloud hack happened?
Hacker apparently took advantage of a security flaw in Apple's iCloud Service. Altough Apple said the hack that caused nude photos of celebrities to leak was not the result of a widespread attack on its iCloud. Instead, the hackers targeted the accounts of individual celebrities. Apple made the following statement to support their position.
"We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved."
Basically, Apple’s denial of an iCloud hack breach is that the vulnerability that allowed accounts to be hacked doesn’t count as a “BREACH". What are your Thoughts?
It was reported that the hackers took advantage of a security flaw in Apple's iCloud. Many online services lock someone out after several unsuccessful attempts to log in, but not Apple's "Find My iPhone" app and iCloud. That has been changed by Apple in the aftermath of the nude celebrity photo scandal. But with unlimited guesses, a computer program can generate and test thousands of potential passwords until an account is entered which is called a "brute force" attack.
How can you safeguard against hackers?
Choose strong passwords, like "[email protected]". Long but easy to remember pass phrases that include numbers and symbols are suggested.
Another safeguard is to be aware that even when you delete a photo or video from your iPhone, it is sent to the iCloud. The iCloud service allows you to access images on all your devices, but it also keeps those you might think are deleted.
Until a better solution comes out, your best bet is to enable 2-step (some services call it 2-factor) verification on everything you can. After you enter your permanent password, you are asked for a second temporary password or number that is automatically generated and sent to you in a text message. It's not perfect, but it's better than nothing.