A vulnerability in Find My iPhone was believed to have allowed hackers to steal nude pics of Ariana Grande, Jennifer Lawrence, Kate Upton, and Kim Kardashian. It was later shown to be caused by phishing scams in the form of fake Apple emails and texts. Here’s what you need to know about the leaked pics, the iPhone vulnerability, and how to protect yourself from a similar hack or phishing scam.
1. Over 100 Celebs Were Affected by the Find My iPhone Hack
Over 100 celebrities were affected by this round of hacks, which were carried out by several different hackers. A full list of the affected celebs was posted on the website 4Chan. The hackers were able to get access to private pics on celebrity accounts through a vulnerability in Find My iPhone.
Mashable‘s list of the “biggest names” on the full list of those affected includes Aubrey Plaza, Brie Larson, Gabrielle Union, Hayden Pannettiere, Hillary Duff, Jenny McCarthy, Kayley Cuoco, Kate Upton, Kate Bosworth, Kim Kardashian, Kirsten Dunst, Krysten Ritter, Lea Michele, Lizzy Caplan, Mary Kate Olsen, Mary Elizabeth Winstead, Rihanna, Scarlet Johansson, Selena Gomez, Vanessa Hudgens, Wynona Ryder, Alison Brie and Dave Franco.
The Daily Mail notes that some of the celeb pics have yet to surface. For example, Cat Deeley was listed as one of the celebs who had images stolen, but those images haven’t shown up online. Additionally, Victoria Justice claims that the images of her that surfaced were fakes.
Several weeks after the initial leak (called “The Fappening” by some), the Fappening 2 hit another round of celebs. Celebs included in this batch of pics included Kim Kardashian, Vanessa Hudgens, Mary-Kate Olsen, and Leelee Sobieski.
2. Apple Has Patched the Flaw in Find My iPhone
ZDNet notes that a vulnerability in Find My iPhone was the cause of the recent round of celebrity iPhone hacks that leaked photos of celebs like Jennifer Lawrence, Ariana Grande, Victoria Justice, Kate Upton, and Kim Kardashian. Apple has now patched the exploit that made it possible for hackers to find and steal these compromising photographs. Users who attempt to use the same hack to gain access to the system will be locked out.
Here’s how ZDNet explains the mechanics of this hack:
“The code exploited a vulnerability with the Find My iPhone sign in page that allowed hackers to flood the site with passwords attempts without being locked out. By employing bruteforcing techniques, hackers could use this to guess the password used to protect the account.
Hackers using this tool would need to know the username for the account in order to attack it, but an email address is hardly a secret given that any time it is used it is made public.”
Valley Wag adds that, despite Apple’s protestations that the nude pic scandal wasn’t their fault, Apple could have done more to prevent the incident:
“Apple insists its iCloud service—which it touts as a seamless way of backing up your entire digital existence—was not ‘breached.’ This is maybe true in the sense that the celebrity nude traders didn’t break or manipulate Apple code, but false and horribly misleading in the sense that they easily gamed Apple’s system…
To fix this, Apple could have simply forced everyone to use two-factor verification for their accounts. It’s easy, and would have probably prevented all of this.”
3. You Can Take Steps to Protect Yourself From iPhone Hackers
Check out the video above from Sophos to get some tips on creating stronger passwords, which is a must for keeping your iCloud account and other iPhone-related accounts safe from hackers.
Unsure if you are at risk for being hacked? The Daily Mail notes that iCloud’s My Photo Stream feature has some inherent features that make it easier for hackers to access photos:
“Be aware that deleting a photo from a device does not mean it has been deleted from your online storage account. The photos may also appear in photo streams on other devices, and any phone or tablet that is synced with that iCloud account. This means you should delete photos from all of these areas if you want to get rid of them permanently.”
The simplest thing you can do to protect yourself from a similar hack is to change your iCloud password, and make sure that password isn’t used for any other services. The Daily Mail notes that 320 million people around the world use iCloud, and all of those people are at risk for hacking or phishing, particularly if they don’t use good Internet safety habits.
4. This Is Not the First Time Find My iPhone Has Been Exploited
Find My iPhone has had other hacking issues in the past. Earlier this year, the Verge noted that a flaw in Find My iPhone allowed a phishing mastermind to hold iOS devices hostage. In 2013, BGR reported on a flaw in iOS 7 that let people turn off Find My iPhone or Find My iPad…even when the device was locked.
The timing could be bad news for Apple. In just over a week, the tech giant will be debuting their newest version of the iPhone. Being linked to a big scandal like this nude pic theft could make some people second-guess their plans to buy a new iPhone 6.
5. iPhone Hackers Could Face Years in Prison
Learn more about the consequences of hacking a celeb in the video above.
If caught and brought to trial, the hackers involved in this epic theft of celeb iPhone pics could spend years in prison. There is precedent for iPhone hackers to face serious jail time. The Register reported that Christopher Chaney (the guy who hacked ScarJo in 2011) faced a maximum sentence of 121 years in federal prison. In the end, however, he only got 10 years. In 2010, the man who hacked Sarah Palin’s email account was sentenced to one year in custody. He faced up to 20 years in prison, as well as a fine. The person or persons responsible for these celeb photo leaks are likely to face prosecution at either the civil or criminal level.