Hacker Group Claims About iCloud Accounts Being Compromised Are Probably Somewhat Real

A London-based hacker group that calls itself the Turkish Crime Family claimed earlier in the week that it had access to the login credentials of over 600 million iCloud accounts and demanded a ransom of $150,000 from Apple, to be paid in Bitcoin or Ethereum.

The group threatened to wipe all the compromised accounts by April 7 if the ransom was not paid. Apple, for its part, confirmed that there had not been any breach of its security and that the login credentials obtained by the hacker group were acquired from previously compromised third-party services.

Digging deeper into the matter, ZDNet managed to get login credentials of 54 accounts from the hackers, all of which were valid. The accounts included IDs based on the “me.com” and “mac.com” domain names as well, which possibly hints at how old the data is. Out of the total 54 accounts, ZDNet was able to get in contact with 10 people, who confirmed that the passwords supplied by the hacker group were correct.

Before you start panicking, though, most of the account holders also confirmed that they have been using the same password since they opened their iCloud accounts. One account holder, however, did say that he had changed the leaked password two years ago, which lends credence to the idea that the hacker group's data comes from an old data breach that occurred sometime between 2011 and 2015. Most account holders also confirmed that they use the same login credentials on other third-party services, though some of them had a unique password just for iCloud that was not used anywhere else.

Two of the people we spoke to confirmed that someone had tried to reset their iCloud accounts in the past day. One of the people said that they had received login notifications on Twitter, which used the same iCloud email address and password. This seems fitting with the hackers’ apparent desires to reset accounts as they claim.

ZDNet does note that the group of hackers is inexperienced, naive and disorganised, and the team is currently looking to garner media attention to be able to extort its ransom from Apple. In all likelihood, the hacker group’s data is based on a third-party service breach from a few years ago.

If you frequently change your iCloud account password or have two-factor authentication enabled, you should be safe. If not, you should immediately enable two-factor authentication on your account for more security.

[Via ZDNet]