There have not been any breaches in any of Apple's systems including iCloud and Apple ID," the spokesperson said. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.
The Turkish Crime Family has threatened to reset the iCloud accounts and remotely wipe victims' Apple devices if Apple does not pay $150,000 in Bitcoin or Ethereum by April 7. If Apple does not pay in three days, the group plans to increase the amount of money it is asking for.
Originally the group was believed to have access to 300 million icloud.com, me.com, and mac.com email addresses, but that number later jumped to 627 million due to additional hackers allegedly stepping forward to provide account credentials. The hackers say at least 220 million of the login credentials are verified to work and do not have two-factor authentication enabled.
With Apple denying a breach, the iCloud account information has likely been obtained from major hacking incidents that have affected companies like Yahoo. iCloud users who have the same username and password that was used for both a hacked site and for iCloud should change their passwords immediately.
The Apple spokesperson also told Fortune the company is "actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved," but did not outline what specific steps are being taken to monitor the situation beyond "standard procedure."
Apple recommends that all iCloud users choose strong passwords, use different passwords for different sites, and turn on two-factor authentication to protect their accounts.
Discuss this article in our forums
Apple Responds to Hack Threats, Says There Were no iCloud or Apple ID Breaches - This Apple related article wrote by Juli Clover. To see its original version and more Apple related posts follow this link:
Original source of this article