Apple press release:
We wanted to provide an update to our investigation into the theft
of photos of certain celebrities. When we learned of the theft, we
were outraged and immediately mobilized Apple’s engineers to
discover the source. Our customers’ privacy and security are of
utmost importance to us. After more than 40 hours of
investigation, we have discovered that certain celebrity accounts
were compromised by a very targeted attack on user names,
passwords and security questions, a practice that has become all
too common on the Internet. None of the cases we have investigated
has resulted from any breach in any of Apple’s systems including
iCloud or Find my iPhone. We are continuing to work with law
enforcement to help identify the criminals involved.
“A practice that has become all too common on the Internet” is a weird excuse. It’s certainly true, but it suggests that we still have a major problem. If the system works by design in a such a way that accounts can be easily hijacked via bad passwords or guessable security questions, that’s a problem.
(And on the other hand, make things too secure and people will be annoyed, or worse, locked out of their accounts.)
★ Tuesday, 2 September 2014