Apple states iCloud not compromised in extortion attack


By

Chris Duckett for ZDNET:

Affected Australian users woke up yesterday morning to find their phone, tablet, and even desktop or laptop, showed a message originating from Apple's find my device service stating "Device hacked by Oleg Pliss" and asking user send US$100 to unlock the device.

It is presumed that the attackers gained access to users' Apple ID credentials, and from that point on, have been able to access the Find My iPhone service to lock the devices.

Apple told ZDNET that iCloud security was not breached. The company suggested users may have had their accounts compromised through a third party using the same password.

Considering what you can do with access to an Apple ID, as illustrated above, it's always a good idea to have a unique password for that one.