toggle

AAPL Stock: 98.41 ( + 0.03 )

Printed from http://www.macnn.com

Users report iCloud accounts may have been compromised

updated 09:41 pm EDT, Thu May 17, 2012

Isolated reports suggest rare breach

A small number of users in the Apple Support Communities have reported that their iCloud e-mail accounts may have been compromised by spammers, even in cases where the user had a strong, randomized password. Reports began flowing in of mostly little-used iCloud accounts sending out spam messages, replies to which alerted users of the problem. Apple has not commented on the issue thus far.

Users who have reported the issue are concerned that Apple's servers themselves have been breached, since the brute-force password guessing method usually used would not have been practical or effective in the case of some users. The spam e-mails appear in the users' "Sent" folder on iCloud, are delivered to users whose contacts are synced with iCloud and are the "make money with your computer" type fake job postings. Those affected have reported the issue to Apple, but the company has not issued an official response so far.

There are only around 35 reports of the activity, while iCloud is reported to have over 120 million users, so it is unlikely that any large-scale breach has occurred. Users of iCloud are encouraged to check the iCloud "Sent" folder through a web browser or using their e-mail client and if any spam messages are seen, report it to Apple and change the password of the account.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. facebook_Mike

    Via Facebook

    Joined: May 2012

    -1

    mine was

    I noticed i was receiving strange emails, asked a friend who said I sent him the same email. Did some checking and discovered I sent out a lot of emails to a lot of people. Quickly changed my password. I`ll still vouch that iCloud is awesome and will use it everyday. Strange thing is that my password was very random, I am surprised someone guessed it.

  1. chas_m

    Moderator

    Joined: Dec 1969

    +1

    Might not be your password

    As the article infers (and some of the posters in the Apple Support threads say), could be a breach on Apple's end that somehow bypasses the password, so resetting it may not necessarily solve the problem. We'll have to see where this goes ...

  1. DaJoNel

    Joined: Dec 1969

    0

    And

    It could be just like every other company that has some users that have their passwords guessed, nothing more.

  1. cashxx

    Joined: Dec 1969

    +1

    Me too

    Got hit here.....Apple disabled my account and I reset the password. I had an email go out from a @me.com address and spammed myself and others.

  1. testudo

    Joined: Dec 1969

    0

    Re: And

    It could be just like every other company that has some users that have their passwords guessed, nothing more.

    Except several of the claimants say their password is very random, meaning you'd have to be a very good guesser.

    So the question is:
    - Was there a breach
    - Is there an issue with an insider
    - Is there an issue with the 'reset my password' code (apparently not, since the passwords weren't changed from what it appears).

  1. testudo

    Joined: Dec 1969

    0

    Oh

    I was unable to send out email via icloud for an account using a non-apple mail app (I know, can you believe it!). It would NOT send the email until I turned OFF the SSL option.

    Could it be that these passwords were sniffed because Apple's servers aren't forcing secure sockets?

  1. DaJoNel

    Joined: Dec 1969

    0

    testudo

    Hackers are very good sometimes. Password guessing just happens. It's happened to me on other services and my passwords are random.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose-built for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena, a ...

toggle

Most Commented