Don’t blame security flaws in Apple’s iCloud for the theft and distribution this weekend of several nude photos of prominent actresses including Jennifer Lawrence, Kirsten Dunst, and Kate Upton, the electronics company says. After a 40-hour investigation it concluded that the privacy violations came from a “very targeted attack on user names, passwords, and security questions,” Apple said today in a statement. “None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone.” It advised people to “always use a strong password and enable two-step verification.” Apple added that it’s working with law enforcement officials to help “identify the criminals involved.” The FBI says that it is “aware of the allegations…and is addressing the matter.” It declined to comment on Apple’s statement.
Apple’s explanation didn’t satisfy writer and software engineer David Auerbach. The company “has had a known security vulnerability in its iCloud service for months and has been careless about protecting its users,” he says on Slate. “Apple patched this vulnerability shortly after the leak, so even if we’re not sure of exactly how the photos got hacked, evidently Apple thinks it might have had something to do with it.” That’s “reason enough for users to be deeply upset at their beloved company for not taking security seriously enough.”
The breach could hardly come at a worse time for Apple: It plans a press event on September 9 where it’s expected to unveil new iPhones, its long-awaited iWatch, a mobile payments service, and possibly a wearable device that tracks users’ health. They’ll be hard to sell if consumers fear that hackers can get at the private information.
But investors appear unfazed. Apple’s share price rose 0.8% today, a flat day for the overall market.