Apple confirms iCloud under attack as security blog reports Chinese hack
Washington: Apple said today its iCloud server has been the target of “intermittent” attacks, hours after a security blog said Chinese authorities had been trying to hack into the system.
Apple did not specifically mention China, but posted a security bulletin citing the hack attempts, and indicating its cloud computing platform had not been breached.
“We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” the statement said.
“These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.”
Yosemite is the newest operating system for Mac computers and iOS is the platform for mobile devices such as iPhones and iPads.
Late yesterday, the security website GreatFire.org which monitors online censorship in China claimed that “Chinese authorities” had launched the attacks on Apple’s iCloud.
“This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc,” according to the blog, which said it appeared to coincide with the launch in China of the newest iPhone.
“While the attacks on Google and Yahoo enabled the authorities to snoop on what information Chinese were accessing on those two platforms, the Apple attack is different,” GreatFire said.
“Many Apple customers use iCloud to store their personal information, including iMessages, photos and contacts. This may also somehow be related again to images and videos of the Hong Kong protests being shared on the mainland.”
The news comes just weeks after a widely publicized incident which allowed hackers to access and post nude pictures of celebrities including Jennifer Lawrence from their iCloud accounts.
Apple maintained that some celebrity accounts were compromised in a “targeted attack” to gain passwords, but that it found no breach of the iCloud or other Apple systems.
In its latest statement, Apple said its users were safe if they relied on its software, but also cautioned against ignoring security warnings.
“If you’re connecting to a website that isn’t secure, you’ll see a message that says ‘Safari can’t verify the identity of the website.’” Apple said.