Last week, a news story at Motherboard revealed that a group of hackers claimed to have gained access to nearly 600 million iCloud accounts. Apple has responded to the report saying that there is no breach of their servers, rather the attackers appear to have used the rather large password cache obtained from the massive Yahoo breaches of the last two years. It is likely that the hackers used other data sources to line up those passwords with Apple IDs belonging to the same people. While this means that you may not be at risk if your iCloud account was using a unique password, to be safe, you should probably change your password and enable two-factor authentication.
Why is this security measure important? Well, aside from attackers having access to potentially private information stored in your account, iCloud contains a security measure that allows you to remotely erase your iPhones, iPads, and Macs if they are ever lost or stolen. This feature is called Find My iPhone (or iPad or Mac). If your account has been compromised, and Find My iPhone is enabled on any of your stuff, then your devices can be wiped remotely, against your will. This is what the hackers have reportedly claimed to do if Apple does not pay their ransom by April 7th.
News flash: Apple will not pay the ransom.
So, for your protection, I suggest following these steps to allow you to keep your accounts and devices safe. Because no one wants lose all the pictures of their food they’ve taken for the last 10 years. I stole these instructions from Apple’s own support pages, so if you feel like you need more details on these, check out the original links by clicking on the links below.
- Sign in to your Apple ID account page.
- In the Security section, click Change Password.
- Enter your current password, then enter a new password and confirm the new password.
- Click Change Password.
- Sign in with your new Apple ID password to access Apple features and services.
Two-factor authentication is currently available to iCloud users with at least one device that’s using iOS 9 or OS X El Capitan or later. Learn more.
You can follow the steps below to turn on two-factor authentication.
On your iPhone, iPad, or iPod touch with iOS 9 or later:
- Go to Settings > iCloud > tap your Apple ID.
- Tap Password & Security.
- Tap Turn on Two-Factor Authentication.
On your Mac with OS X El Capitan or later:
- Go to Apple () menu > System Preferences > iCloud > Account Details.
- Click Security.
- Click Turn on Two-Factor Authentication.
If you already use two-step verification, turn it off, then turn on two-factor authentication.
That’s it. Hopefully, everything will work smoothly and you can move on with your life, stress-free. If not, give Apple a call and they can help you ensure that Two-Factor Authentication is enabled, as well as confirming that the only devices confirmed with your account are those you own and trust.