clock menu more-arrow no yes

Filed under:

Tim Cook says Apple will send security alerts to help stop iCloud hackers

New, 120 comments

CEO responds to leak of celebrity nude pictures

Apple CEO Tim Cook told The Wall Street Journal today that his company is soon to introduce measures to protect iPad, iPhone, and Mac users' information and keep hackers out of their accounts. In two weeks time, Cook said users would start to receive emails and push notifications on mobile devices when iCloud data was restored, passwords changed, or when a new device logs into an account for the first time.

Cook's comments come after hundreds of photos of nude celebrities, including Jennifer Lawrence and Ariana Grande, were leaked online. The pictures were reportedly obtained through Apple's iCloud service. The company has denied that private accounts were accessible through security flaws in the cloud storage system, but said that the stars were the target of hackers that attempted to compromise their usernames, passwords, and security questions. It's been speculated that the photos released were only a small portion of the number owned by a shadowy ring of individuals who trade private images of the world's most famous people.

Apple will introduce the new measures in two weeks

The changes outlined by Cook are Apple's first in response to the leak, which both Apple and the FBI are still investigating. Previously Apple device users would receive emails when passwords were changed or accounts accessed from unknown devices, but would not be notified when iCloud data was restored. Under the new model, users alerted to suspicious activity will be able to change their password immediately or let Apple's security team know they're being targeted.

Cook also said that Apple would expand the use of two-factor authentication. The security system means in addition to a password, users need an extra code to log into their accounts. The company says the majority of its customers still don't use the system, but the next version of iOS will aggressively push its adoption to prevent the kind of invasions of privacy possible when hackers can easily guess or brute-force passwords and security questions.