Tim Cook speaks out on recent iCloud hacks, promises new security measures

By , Sep 4, 2014

icloud ios 7 1

Tim Cook sat down with The Wall Street Journal today, but not to talk about how excited Apple is about next week’s iPhone event. Instead, the CEO answered questions regarding the recent iCloud scandal, which led to the posting of dozens of nude celebrity photos earlier this week.

Apple has already released a statement on the matter, claiming that iCloud and its subsequent services had not been breached. Cook reiterated those claims today, and added that the Cupertino company plans to rollout a number of new security features to make its devices more safe.

It’s believed that celebrities’ iCloud accounts were compromised by a mix of social engineering and phishing scams. Cook tells the Journal that Apple’s new plan to combat this is to begin sending push notifications to users when someone tries to change or reset their account passwords.

Additionally, Apple will soon begin notifying users whenever someone tries to restore iCloud data to a new device, or a device logs into an account for the first time. Until now, users merely received an email when someone tried to change a password or log in from an unknown Apple device.

apple two-step

Cook says Apple also plans to broaden its use of “two-factor authentication,” which requires a user to have two of three things to access an account: a password, a separate four-digit one-time code, or a long access key given to users. Most iOS device owners don’t have this feature enabled.

Apple is fighting to preserve its public image ahead of what is to believed to be a major media event next week. It’s expected to unveil a new iPhone, as well as a new mobile payment service and health-tracking smartwatch, the latter two of which would require significant trust from consumers.

To learn how to enable Apple’s two-step authentication on your account, click here. Apple will begin sending the notifications in two weeks.

[The Wall Street Journal]

  • Share:
  • Follow:
  • tw23777

    This isn’t Apple’s fault at all, it was the celeb’s (or hacker’s depending on how you see it). There was no “hack” everybody was claiming, it was just simple brute force/social engineering. Alerting users via email/text won’t do anything as they will already have access to all your photos.
    However, if they turned on two-step verification, none of this would’ve happened. Another reason why you should turn on two-step everywhere it is possible to have.

    • Melvco

      I agree about two-step authentication and am happy to hear Apple plans to push it more aggressively.I disagree though that sending push notifications won’t help users fight these types of attacks.

      A majority of these photos were ripped from downloaded iCloud backups, and I think that if users could be alerted to their backups being downloaded, with the option to stop it, that could put a huge dent into this entire issue.

      • Warmachine69

        Apple’s 2 step verification isint the best Google’s is way better it’s ised everywhere in Google but apple’s 2 step verification doesn’t work on iCloud for some countries like me it doesn’t work cause I’m in Canada they need to expand the country ‘s

      • DevXav

        Dude, I simply gave up on reading your comment..
        Probably your dog did it using your account?

      • https://twitter.com/aidanharris1 Aidan Harris

        Googles two-step-authentication is so good I’m still waiting for them to send me an SMS code…

      • Warmachine69

        They send it right away if you haven’t got it its not coming

      • https://twitter.com/aidanharris1 Aidan Harris

        Hmm. Must be a problem their end then since my phone is working fine…

      • Warmachine69

        Maybe it is I’ve had problems with their SMS services. Try using their authenticator app it’s alot better the codes self distruct after 30 second and it works without data connection

    • justme

      The celeb nudes are from old restores years before. There are a comunity that paid big money to get some of those pictures and trade for others this happened years before this. so there’s a proof that one “anonIB” ask for donations or he will post some picuters of his album to the web (4chan).

      source: Theverge

      • https://twitter.com/aidanharris1 Aidan Harris

        Hmm. If true (and I suspect this might be true) I wonder why the celebs didn’t payup to stop the leaks?

      • highNiggaPie

        Cause they didn’t know about them this was all on the darknet it was a big celeb nude trading ring

    • jack

      it is partly their fault if the login system is susceptible to brute force attacks

    • http://www.eazycomputers.com/ PhoneTechJay

      I just hope we aren’t forced to update our passwords and security questions.

    • https://twitter.com/MrElectrifyer MrElectrifyer

      It was partly Apple’s fault for not implementing a limit on the number of failed attempts allowed. As for two-step verification, I have my reasons (http://bit ly/1x2MONM) for turning such feature off in the case of Apple…oddly, they used this “there’s a limit to number of allowed failed log-in attempts” excuse to defend the account lock, yet as the headlines prove, that wasn’t even fully implemented in the first place…

  • Jason Jones

    Tim promised “doubling down” on security when it came to new devices also. Unless the iPhone 6 is completely different from all the leaks, that didn’t happen.

    • Caegs

      Get ready for double the nudes!

  • jack

    so so far they haven’t figured out who’s behind the attacks?

    • RarestName

      From what I’ve read on some tech blogs, the person didn’t remove his name from the screenshots and others tracked down his IP addresses, name and whatnot.

  • Guest

    Not universal… At least i can’t find it to download to Brazil (yeah, no surprise there).. :(