Giveaway: Bracketron Case If outdoor adventures are in your future this summer, enter to win a Bracketron Sport Case with Mount Strap from MacNN and keep that iPhone, iPod or other electronic device safe from the elements.      
toggle

AAPL Stock: 454.74 ( + 1.77 )

http://www.macnn.com/articles/12/05/17/isolated.reports.suggest.rare.breach/

Users report iCloud accounts may have been compromised

updated 09:41 pm EDT, Thu May 17, 2012

 

Isolated reports suggest rare breach


A small number of users in the Apple Support Communities have reported that their iCloud e-mail accounts may have been compromised by spammers, even in cases where the user had a strong, randomized password. Reports began flowing in of mostly little-used iCloud accounts sending out spam messages, replies to which alerted users of the problem. Apple has not commented on the issue thus far.

Users who have reported the issue are concerned that Apple's servers themselves have been breached, since the brute-force password guessing method usually used would not have been practical or effective in the case of some users. The spam e-mails appear in the users' "Sent" folder on iCloud, are delivered to users whose contacts are synced with iCloud and are the "make money with your computer" type fake job postings. Those affected have reported the issue to Apple, but the company has not issued an official response so far.

There are only around 35 reports of the activity, while iCloud is reported to have over 120 million users, so it is unlikely that any large-scale breach has occurred. Users of iCloud are encouraged to check the iCloud "Sent" folder through a web browser or using their e-mail client and if any spam messages are seen, report it to Apple and change the password of the account.


by MacNN Staff

Post tools:

TAGS :

 security, e-mail, spam, Apple, iCloud

Related Articles

Recent Articles

toggle

Comments

  1. facebook_Mike

    Via Facebook

    Joined: May 2012

    -1
    05/17, 10:20pm | report spam | Reply |

    mine was

    I noticed i was receiving strange emails, asked a friend who said I sent him the same email. Did some checking and discovered I sent out a lot of emails to a lot of people. Quickly changed my password. I`ll still vouch that iCloud is awesome and will use it everyday. Strange thing is that my password was very random, I am surprised someone guessed it.

  1. chas_m

    Moderator

    Joined: Aug 2001

    +1
    05/17, 10:37pm | report spam | Reply |

    Might not be your password

    As the article infers (and some of the posters in the Apple Support threads say), could be a breach on Apple's end that somehow bypasses the password, so resetting it may not necessarily solve the problem. We'll have to see where this goes ...

  1. DaJoNel

    Fresh-Faced Recruit

    Joined: Aug 2010

    0
    05/17, 11:56pm | report spam | Reply |

    And

    It could be just like every other company that has some users that have their passwords guessed, nothing more.

  1. cashxx

    Fresh-Faced Recruit

    Joined: Apr 2009

    +1
    05/18, 08:46am | report spam | Reply |

    Me too

    Got hit here.....Apple disabled my account and I reset the password. I had an email go out from a @me.com address and spammed myself and others.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0
    05/18, 02:09pm | report spam | Reply |

    Re: And

    It could be just like every other company that has some users that have their passwords guessed, nothing more.

    Except several of the claimants say their password is very random, meaning you'd have to be a very good guesser.

    So the question is:
    - Was there a breach
    - Is there an issue with an insider
    - Is there an issue with the 'reset my password' code (apparently not, since the passwords weren't changed from what it appears).

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0
    05/18, 02:11pm | report spam | Reply |

    Oh

    I was unable to send out email via icloud for an account using a non-apple mail app (I know, can you believe it!). It would NOT send the email until I turned OFF the SSL option.

    Could it be that these passwords were sniffed because Apple's servers aren't forcing secure sockets?

  1. DaJoNel

    Fresh-Faced Recruit

    Joined: Aug 2010

    0
    05/18, 06:25pm | report spam | Reply |

    testudo

    Hackers are very good sometimes. Password guessing just happens. It's happened to me on other services and my passwords are random.

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to understate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming declin ...

Samsung Galaxy S 4

Samsung's new flagship Android smartphone, the Galaxy S 4, faces even stiffer competition than its popular predecessor. With a five-in ...

toggle

Most Commented

 

Popular News