Apple Store New York City

Anthony Quintano for Re/code

Security


Apple said attackers broke into the individual accounts belonging to celebrities including the actress Jennifer Lawrence and not its iCloud system in a breach that led to the spreading of stolen nude photographs across the Web.

The company on Tuesday said “certain celebrity accounts” were compromised in what it called a “very targeted attack.” It said that after 40 hours of investigation, it has determined that the iCloud system itself wasn’t breached.

The early results of the ongoing investigation by Apple appeared to rule out the possibility of a system-wide compromise of its services at a critical moment. Apple is expected to introduce electronic payment and health services at a launch event in San Francisco next week, when it is also expected to introduce the next generation iPhone and show off a new wearable device.

Apple’s statement raises the possibility that the people affected were hit by some sort of phishing attack that gave the perpetrators some information they could work with to carry out the scheme, and then guess passwords using brute-force methods, essentially guessing passwords over and over until you get the right one.

Here is Apple’s statement:

“We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.”

Word of the disclosure of private photographs said to be taken from the accounts of the actress Jennifer Lawrence and the model Kate Upton among numerous other celebrities surfaced over the weekend.




Follow

Get every new post delivered to your Inbox.

Join 326,127 other followers