Apple is doubling down on security to avoid future iCloud leaks

Nobody would have thought that in September the spotlight would be diverted from the new iPhones to potential security issues with iCloud. But all that changed over a week ago when a barrage of compromising photos were leaked, mainly of celebrities, and many believed that this happened due to an iCloud breach. Apple investigated the issue and found that iCloud was not to be blamed, and that this happened because celebrities’ accounts were specifically targeted. Nonetheless it gave birth to a debate about iCloud security. Apple CEO Tim Cook has promised that the company will improve security to ensure that something like this doesn’t happen again.

Apple Inc. said it plans additional steps to keep hackers out of user accounts, but denied that a lax attitude toward security had allowed intruders to post nude photos of celebrities on the Internet. In his first interview on the subject, Apple Chief Executive Tim Cook said celebrities’ iCloud accounts were compromised when hackers correctly answered security questions to obtain their passwords, or when they were victimized by a phishing scam to obtain user IDs and passwords. He said none of the Apple IDs and passwords leaked from the company’s servers. To make such leaks less likely, Mr. Cook said Apple will alert users via email and push notifications when someone tries to change an account password, restore iCloud data to a new device, or when a device logs into an account for the first time. Until now, users got an email when someone tried to change a password or log in for the first time from an unknown Apple device; there were no notifications for restoring iCloud data. Apple said it plans to start sending the notifications in two weeks. It said the new system will allow users to take action immediately, including changing the password to retake control of the account, or alerting Apple’s security team.