Reports suggest that more than 250 million Apple iCloud addresses have been compromised by a criminal group demanding a ransom. The group claims that it has access to millions the usernames and passwords, nonetheless, Apple denies that its servers or systems were attacked or breached in any manner. Although, independent verifications of samples provided to media outlets betoken at least a few of them to be genuine. That results in the rendition of worries for users, and therefore, it is advised that you change your passwords as soon as possible.
Be that as it may, Apple has strictly stated that its security and data has not been compromised in any manner. Which means, there is a lack of a base to argue that Apple’s systems were breached. On the other hand, the alleged and undivulged organization that dons the name Turkish Crime Family announces that it will remotely wipe all user data and accounts, if not compensated with the demanded ransom from Apple – $100,000 for all seven members of the organization. If that wasn’t enough, the Turkish Crime Family alleges to be able to reset 150 iCloud accounts using 17 scripts, in a minute. And with all the 250 servers they possess, they can wipe out a total of 637,500 user accounts and details in a minute. The servers have already confirmed 250-million user accounts with valid passwords, with more being added daily, with simple modifications such as capitalization of characters.
The matter doesn’t seem to be as harsh as it sounds. The Next Web and ZDNet have thoroughly investigated the scenario, concluding that several accounts published are hoary. ZDNet approached the Turkish organization and was able to get a sample of 54 user IDs. With a test performed, they were able to confirm that at least 10 IDs were working with the password provided. These ten individuals, who owned the accounts were approached and asked about their password change. They confirmed that the password in ZDNet’s possession was correct, but they hadn’t changed it since years. Which implies, the rupture occurred rather long ago, and not recently. Besides, the individuals also committed to using this same passwords for other services, except for three of them. Which means, these passwords could have also been sourced from 3rd-party.
The matter seems extremely confusing at the moment, as to what may happen. The safest bet is to reset your password, just to remain on the safer side.