Hackers stole naked photos of celebrities by bypassing their iPhone log-in credentials, rather than gaining access to them through a security weakness in the iCloud online storage service, Apple has claimed.
Over 100 celebrities - including The Hunger Games actress Jennifer Lawrence - were victims of an incident that saw private photos stolen and made very public online through outlets such as 4Chan and Reddit. The theft left Apple facing questions about the security of its iCloud service.
However, Apple has finally released a statement about the affair - which is currently being investigated by the FBI - insisting that iCloud itself hasn't been hacked, but rather the photos were stolen because cyber vandals managed to crack celebrity user names and passwords.
"When we learned of the theft, we were outraged and immediately mobilised Apple's engineers to discover the source. Our customers' privacy and security are of utmost importance to us," Apple said in a statement.
"After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the internet," the statement continued, as Apple insisted the security of its servers wasn't the issue.
"None of the cases we have investigated has resulted from any breach in any of Apple's systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.
"To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification," Apple concluded.
Apple doesn't confirm or deny that the stolen images were stored in its iCloud service, but many suspect that backups of the photos may have been uploaded to Apple's servers without the celebrity user being aware it was happening.
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy