Apple says it is "actively investigating" an alleged exploit to its iCloud service that allowed hackers to post dozens of private celebrity photos to public message boards this weekend. "We take user privacy very seriously and are actively investigating this report," said an Apple spokesperson to Recode. Among the pictures posted to the Reddit and 4chan message boards were nude photos of celebrities Jennifer Lawrence, Kate Upton, Kirsten Dunst, and numerous other models, actresses, and athletes.
Meanwhile, as Hollywood Reporter notes, the FBI is also paying attention, releasing the following statement that promises that it is "addressing the matter." What precisely "addressing" means is as yet unclear: "The FBI is aware of the allegations concerning computer intrusions and the unlawful release of material involving high profile individuals, and is addressing the matter. ... Any further comment would be inappropriate at this time."
"We take user privacy very seriously and are actively investigating this report."
Though it hasn't yet been confirmed that the pictures came from iCloud accounts, reports have speculated that the hackers used a recent tool called iBrute, which can repeatedly try different combinations of passwords on Apple's Find My iPhone service until one of them works. Once Find My iPhone is breached, it is possible to access iCloud passwords and view images and other data stored in a user's iCloud account. Apple had previously allowed an unlimited number of password attempts on the Find My iPhone service, but it has since limited it to five attempts, making the iBrute tool ineffective.
The Verge has reached out to Apple for further comment on the matter and will update this article when we have it.
Updated at 6:30 ET on Sept 1 to include the FBI's statement.