APPLE has denied hackers have breached its security despite a ransom threat to pay up or at least 200 million iCloud accounts will be wiped.
The hacking group calling itself the Turkish Crime Family has provided video evidence of its claims to the tech site Motherboard, with a demand to Apple that it pay the ransom or face the consequences.
The hackers have listed the price of the ransom as either $A100,000 ransom in Bitcoin or US$A130,000 in iTunes gift cards.
Apple today issued a statement, suggesting that the hackers could be bluffing by using email address that have previously been compromised and leaked on the dark web such as 1 billion accounts compromised in the recent Yahoo hack.
“There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,” the Apple statement says.
“The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.
“We’re actively monitoring to prevent unauthorised access to user accounts and are working with law enforcement to identify the criminals involved.
“To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.”
The hackers also have shown off video which appears to demonstrate how they can log into the compromised accounts.
There are also some discrepancies in their story. One account from the hackers says it has access to 200 million accounts, another says 300 million and a third says 559 million.
The hackers have given Apple an April 7 deadline before it performs a factory reset on the accounts, wiping all of their data.
Tyler Moffitt, senior threat research analyst with Webroot, said the threat illustrates that every company was vulnerable to attack no matter how reputable or confident it was with its security.
“Unless there are adequate backup policies in place, I have no doubt that ransom will be paid, regardless of what Apple publicly claims,” Mr Moffitt said.
“There is a high chance of this data eventually appearing on the dark net.”
Security analysts said Apple users should consider changing their iCloud passwords to prevent unauthorised people having access to their accounts.
Chris Roberts, chief security architect at threat detection and defence solutions firm Acalvio, said consumers should be concerned if the hackers claims were true.
“If, and it’s a big if, they have the data then yes, consumers should be concerned. They need to be ready for another round of password resets and hopefully some two-factor authentication discussions,” Mr Roberst said.
“If, and again it’s an if, they have access to that volume of accounts, they will have already harvested anything good out of them therefore it sucks. However, once again, data is out in the wild.
“Finally, if this is real, then what the heck is Apple doing with security? And why the heck are they not putting anything official out?”
How to Protect Your iCloud Account From Hackers
Whether the claims and threat are real or not, but if hackers gain access to your iCloud account, they could easily download all your photos and other private data.
In order to keep your iCloud account safe from hackers, Apple users are advised to change their iCloud passwords immediately and enable two-step authentication to add an extra layer of security to your account.
We have already aware of the consequences iCloud accounts can make if they get hacked by malicious attackers. In 2014, iCloud hack led to The Fappening, wherein hackers flooded the Internet with nude photos of hundreds of female celebrities, which were stored in their iCloud accounts.
Some people are also linking the Turkish Crime Family to the recent The Fappening 2.0 incident that leaked private photographs of many celebrities, including Emma Watson and Mc Rose, last week.
However, there is no evidence to suggest the blackmail attempt had anything to do with The Fappening 2.0 attack.