A threat by Hackers on wiping Apple iPhones
Today, ZDNet says that it was able to identify 54 accounts exposed by these hackers, although it is still unclear how many other accounts they have or how they came to know these accounts.
Apple comment that, its systems have not been breached, and the alleged list appears to have been gotten from other sources. It also says it’s “actively monitoring” to prevent unauthorized access and is working with law enforcement.
Apple Further commented:
There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.
We’re actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement agencies to discover the criminals involved. To fight against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.
Because of shared passwords, hackers frequently use information obtained in other breaches to try and access more relevant accounts, which may be happening here. Formally, we’ve seen hackers try to extort users directly this way, using Find My iPhone to remotely lock devices until they are paid.
Now that at least some of the information has been verified, it seems like a good time for anyone who has (or used to have) an Apple or iCloud account to update and lock down their security settings. Even if these hackers (or someone else) has obtained a password for your account, using two-factor authentication should keep them from being able to access details or remotely wipe devices.
Instructions on setting up two-factor authentication for your Apple ID. And if you haven’t changed your password in a while, or have ever shared it with an account anywhere else, it is a good idea to change it to something strong and unique.