Hackers threaten to wipe data from millions of iPhones
25 Mar 2017
A group of hackers going by the name "Turkish Crime Family" has claimed they it has access to up to 559 million Apple email accounts on icloud.com and me.com domains.
The group is demanding that Apple pay $75,000 in bitcoin or ether, another cryptocurrency, or $100,000 in iTunes gift cards by 7 April in exchange for deleting the data, Vice's Motherboard blog reported Tuesday.
In case the group's demand was not met, it would use the passwords to reset the phones and delete the photos, videos, text messages and other personal data on them.
Meanwhile, Apple has reassurd users that its systems had not been breached.
"There have not been any breaches in any of Apple's systems including iCloud and Apple ID," the a company spokesperson said in an emailed statement to Fortune. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services."
According to a person who was familiar with the contents of the alleged data set, many of the email accounts and passwords contained within it matched data leaked in a past breach at LinkedIn.
Whether or not the hackers possessed the passwords, one could still protect the contents of one's phone in case, by following the steps below before 7 April:
- Change the password to a "high-entropy" one.
A high-entropy password has random numbers, upper and lower case letters and special characters. A password manager like LastPass could be used to create and manage such passwords.
- Answers to security questions should be unique to each site.
- Set up two-factor authentication for high security. Two-factor authentication requires entering a security code texted to one's phone for logging in.