We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized AppleÃ¢â‚¬â„¢s engineers to discover the source. Our customersÃ¢â‚¬â„¢ privacy and security are of utmost importance to us.
After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet.
None of the cases we have investigated has resulted from any breach in any of AppleÃ¢â‚¬â„¢s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.
Apple has launched an investigation into how nude photographs of over a hundred celebrities were leaked online late last week, after claims a hack on their iCloud accounts was to blame.
In a statement sent toÃ‚Â Recode, an Apple spokesperson said:
Ã¢â‚¬Å“We take user privacy very seriously and are actively investigating this report.Ã¢â‚¬Â
The photos appeared after a user on 4chan, an image sharing forum, posted private pictures of 101 celebrities includingÃ‚Â Jennifer Lawrence, Ariana Grande, Victoria Justice and Kate Upton.
Pictures of British stars Kelly Brook, Cara Delevingne and Cat Deeley, as well as US stars Rihanna, Kim Kardashian, Kirsten Dunst, Kate Hudson and Selena Gomez are among those also claimed to have been acquired but yet to be circulated online.
While some stars have claimed the pictures are fake, others seem to have confirmed that it is them in the images.
The person who leaked the photos said they had been stolen after gaining access to the victims Apple iCloud accounts, where photos taken on their iPhone and iPad are automatically synced to.
Lawrence issued a statement describing the hack as a Ã¢â‚¬Å“flagrant violation of privacy,Ã¢â‚¬Â while others claimed the photographs of them were fakes. LawrenceÃ¢â‚¬â„¢s management team added:
Ã¢â‚¬Å“The authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence.Ã¢â‚¬Â
Although it isnÃ¢â‚¬â„¢t yet clear how the attack took place, a number of security experts have explained how the hack could have happened – and how to avoid it happening again.
Ã¢â‚¬Å“Even if they were all using iCloud, itÃ¢â‚¬â„¢s possible that there isnÃ¢â‚¬â„¢t a security hole in iCloud itself but rather that celebrities had not properly secured their accounts with Ã¢â‚¬â€œ for instance Ã¢â‚¬â€œ hard-to-guess passwords.Ã¢â‚¬Â
There is lots of speculation that a piece of software called iBrute may have been used. iBrute uses what is called a bruteforce attack to guess the password of an iCloud account by automatically trying millions of words until the right one is found.
We track anonymized user information to improve our website.
Because we respect your right to privacy, you can choose not to allow some types of cookies and processing. Click on the different category headings to find out more and change our default settings. Not allowing some types of cookies may impact your experience of our Services and what we are able to offer.
In order to use this website we use the following technically required cookies
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. Loss of the information stored in a preference cookie may make the website experience less functional but should not prevent it from working.
This cookie enable us to detect the country of which you are visiting from.
These cookies may be set through our Services by our partners. Some have functional purposes such as capping the number of times you see an ad within a short span of time, but most, through uniquely identifying your browser and the device you use to access our Services and the processing of other information, will build a profile of your interests and show you ads more relevant to them, inferred from your browsing activity. If you do not allow these cookies, you will still receive ads but they will be less targeted and less likely to be relevant to your interests.