Apple issues security warning for iCloud following reports of hacks in China

Apple iCloud

Apple investigation says that hackers had gained users’ passwords through so-called phishing attacks

On Tuesday, Apple posted a new security warning for users of its iCloud online storage service amid reports of a determined effort to intercept customer information and other data from people who use the service in China.

“We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” the computer-maker said in a post Tuesday on its support website. The post said Apple’s own cloud computing platform has not been breached.

Apple’s post did not specifically mention China or provide any details on the attacks but advised customers accessing the service to always verify that they’ve connected to an authentic iCloud website through a trusted browser.

Using what is technically known as a man-in-the-middle (MITM) attack, in which the hackers interposed their own website between users and Apple’s iCloud server to copy and steal passwords, iMessages, photos and contacts that users enter when they think they are signing into Apple’s service.

Greatfire.org, which conducts research on Chinese internet censorship, alleged that the Chinese government was behind the attack because they are hosted from servers to which only the government and state-run telecommunications companies have access. They are also similar to previous attacks on Google Inc, Yahoo Inc and Microsoft Corp’s Hotmail. But a spokeswoman with the Chinese Foreign Ministry said the country opposed any form of hacking.

Cupertino, California based Apple said in its post that the breach has not affected its users who sign into iCloud from their iPads or iPhones or on Mac computers while using the latest Mac operating system and Apple’s Safari browser. But the company’s support document goes on to stress the significance of digital certificates, advising that users who see an invalid certificate warning in their browser while visiting iCloud.com should not proceed further. Apple suggested users to make certain that a green lock symbol is perceptible in Safari and that the message safari is using an encrypted connection to www.icloud.com is shown when the lock symbol is clicked. Apple also has verification instructions for both Chrome and Firefox.

“If users get an invalid certificate warning in their browser while visiting www.icloud.com , they should pay attention to the warning and not proceed,” Apple said in the post.

Apple investigation says that hackers had gained users’ passwords through so-called phishing attacks or simply by guessing the answers to security questions that allowed access. The company said its servers were not compromised in that case.

Avatar
Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

Babcock facing writedowns of £1.7 billion, plans to cut 1000 jobs

Babcock facing writedowns of £1.7 billion, plans to cut 1000 jobs

Babcock International Group PLC, the UK defense contractor, said that a comet review for the financial year ending March 21 had identified impairments and charges totaling approxim
17 hours ago
France’s water management utilities, Veolia and Suez, finally merge after long battle

France’s water management utilities, Veolia and Suez, finally merge after long battle

Veolia and arch-rival Suez, the two French waste management utility companies, have struck a deal worth nearly 13 billion euros ($15.44 billion)to merge after months of wrangling.
2 days ago
Impossible Foods mulling IPO at $10 billion valuation

Impossible Foods mulling IPO at $10 billion valuation

Impossible Foods, the makers of the widely popular plant-based burgers, plans to go public with a likely valuation of $10 billion. The vegan burger company was valued at $4 billion
2 days ago
Aramco sells minority stake to EIG Group-led consortium for $12.4 billion

Aramco sells minority stake to EIG Group-led consortium for $12.4 billion

Energy giant Saudi Aramco is selling a minority stake for 12.4-billion-dollar in a newly formed oil pipeline business to a consortium led by US-based EIG Global Energy Partners. Th
2 days ago
Elior acquires Nestor, the single meal food delivery startup

Elior acquires Nestor, the single meal food delivery startup

Elior, the corporate catering company, has acquired the French startup Nestor for an undisclosed amount. Nestor, a Paris, France-based food delivery service, started in 2015 with a
5 days ago
Axa gears to buy office space worth €800m in European cities

Axa gears to buy office space worth €800m in European cities

Axa Investment Managers, the French fund house, is not too worried about predictions that the post-pandemic world will see more people working from home and office real estates shr
5 days ago