Apple has just admitted that “certain” celebrity accounts were indeed compromised, resulting in a massive leak of private naked photos belonging to up to 100 high-profile entertainers and models, including Jennifer Lawrence, Rihanna and Kate Upton.
Following a 40-hour probe, the iconic Cupertino, Calif. tech giant said in an official statement posted online moments ago that the attacks were on individual Apple accounts and were deliberate. However, they were not a result of breaches to iCloud or Find my iPhone, despite earlier reports.
Apple, of course, isn’t revealing which particular celebrities were burned by hackers. Meanwhile, the search for the criminals behind the attacks continues.
Here is the complete statement from Apple:
We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us. After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.
To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at http://support.apple.com/kb/ht4232.
Notice that, while it’s quick to dismiss claims that widely reported vulnerabilities to iCloud and Find my iPhone were not to blame for the leaks, Apple is still cautioning its users to carefully password protect their Apple accounts and to turn on two-step verification. Better to be safe than sorry in front of the whole Internet. Forever.