Apple’s iCloud platform faced major controversy in 2014 when a large number of private celebrity photos were leaked. It was discovered that iCloud, Yahoo and Facebook accounts were compromised by multiple individuals which lead to the widespread leak. The attackers did not release all of the images at one go and chose to build up an even bigger scandal by releasing photos and videos in batches. The investigation of the iCloud leaks was carried out by the FBI, who have been successful in identifying key attackers.
Five years down the line, those involved in the leaks are still facing legal charges. A high school teacher has been charged with identity theft and unauthorized access to protected computers. The defendant will be facing a three-year prison sentence for his involvement in the iCloud leak four years ago.
During the court proceedings, the US Attorney’s Office Eastern District of Virginia revealed the details of the phishing and social engineering tactics that were used in the iCloud leak. A number of victims believed that they received official communication from Apple and entered their usernames and passwords. The defendant then used the information to access the victims’ iCloud accounts to steal and distribute any sensitive photos and videos.
Users often fall victim to phishing attacks as they look like they are coming from legitimate platforms. No online service would directly ask for personal authentication details via email. If you receive any such communication from any platform, you should immediately verify its authenticity. Very recently, Instagram users with high follower counts were subjected to phishing attacks, and unsuspecting users fell victim to attackers and lost access to accounts.
What do you think about the phishing tactics used in the iCloud leak? Let us know in the comments below. Don’t forget to join our discussions on Facebook and Twitter.