cloudencryption

iCloud Data Breach A Black Eye For Cloud In General

3 comments

datacenterknowledgelogo

Brought to you by Data Center Knowledge

Apple is investigating vulnerabilities in iCloud after the service was exploited to hack the accounts of celebrities, leading to the publication of nude photos and videos. There are reports of more than 100 female celebrities being compromised.

A posting on GitHub, an online code-sharing site, by hackappcom said the group had discovered a bug in the Find My iPhone service, which tracks the location of a missing phone and allows a user to disable the phone remotely. The bug allowed an outside user to try passwords repeatedly rather than limit the amount of attempts. As a simple measure of security, most online services lock down an account after multiple attempts.

Some media outlets are claiming a brute force service called “iBrute” was used to gain access to the celebrities’ passwords, gaining them access to photos stored in their iCloud accounts.

The vulnerability was patched, but not until after the damage was done. Severe violations of privacy have occurred. While it appears that it was individual users and not the service that were hacked, it is a very public breach that should affect trust in cloud services in general.

“We take user privacy very seriously and are actively investigating this report,” said Apple spokeswoman Natalie Kerris.

The impetus falls on both Apple and users to protect themselves. Huge amounts of press coverage have made everyone more aware that they are not necessarily safe storing information in the cloud. Security measures are not always baked in. Steps such as using two-step verification are needed on the part of users across cloud services. Strong passwords or better yet, pass phrases greatly reduces the chance of an incident.

The event is a reminder that the general public views cloud as safe by default, thanks to the big technology names behind these cloud offerings. Cloud, however, is only as safe as the services that rest upon them. In the case of iCloud, the Find My iPhone service had a serious issue. The event guarantees that users will be more cautious using cloud services, as the only foolproof way to avoid an attack is to not store online. The use of cloud services will continue to grow, however the event serves as a wake up call that not even the biggest services are necessarily foolproof, and that users must take steps to protect themselves.

Original article appeared here: iCloud Data Breach A Black Eye For Cloud In General

Add Your Comments

  • (will not be published)

3 Comments

  1. Imagine how many ordinary people aren't affected too.

    Reply
  2. Internaut

    Any Cloud just makes it easier for hackers to get at a lot more a lot faster, and a lot sooner. The best advice I've heard is that if it is personal or of any value, keep it in a folder at home. Internet security? Only those providing security will state it's secure, subject of course, to a micro mini-text Terms of Use, Privacy policy, and EUAs. Internet security is like farmer's pesticide sprays - you can keep spraying, but you'll never gain any ground.

    Reply
  3. Warth Publishing Inc

    In my opinion 1&1 internet is the worst hosting company in the world.

    Reply