Apple said on Tuesday that the online posting of intimate photos of Hollywood celebrities were targeted attacks on their iCloud accounts and that none of the cases it investigated had resulted from a direct breach of its systems.
Apple’s response came after the photos of Oscar-winning actress Jennifer Lawrence and other female entertainers emerged over the weekend. The technology company said it was working with law enforcement and would continue to investigate the source of the attacks.
“We have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the internet,” Apple said in a statement.
“None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone.”
The breach comes as Apple prepares to launch a new iPhone next week and, more importantly, as smartphones increasingly become the repository for sensitive healthcare, banking and other personal data.
‘Nothing is safe on the internet’
Regardless of how it occurred, the breach prompted celebrity representatives and security experts to issue fresh warnings about storing data on the internet.
Martin Garbus, a New York trial lawyer who over the years has represented actors Al Pacino, Sean Connery, Robert Redford and others, said worried clients had approached him after the apparent mass hacking over the weekend.
“Nothing is safe on the internet, period,” he told Reuters. “Everything on your iPhone, whether it be phone calls, message texts, pictures, is all available.”
Personal photos of Sports Illustrated swimsuit model Kate Upton and American actress Mary Elizabeth Winstead were also posted on the image-sharing forum 4Chan.
“This is just one of a series of wake-up calls that people are ignoring,” said Chris Crowleigh, a cyber-security expert specialising in mobile devices at the SANS Institute.
“People just sort of implicitly accept the risk of storing their data on the cloud until they actually see something bad happen to someone they can relate to.”
Lawrence’s representative described the release of the photos as a “flagrant violation of privacy” and said the authorities had been contacted.
Civil lawsuits possible
The FBI said it is addressing the matter, but added that any further comment “would be inappropriate at this time”.
Apart from any criminal charges that might be pursued under federal or state hacking laws, Lawrence and the other celebrities could bring civil lawsuits against the alleged hacker or hackers and those who shared the photos.
“The way the celebrities were treating the photos, I don’t think there’s any doubt that the law will treat them as being private and the distribution of the photos was a violation of privacy,” said Evan Brown, a technology and intellectual property attorney at InfoLawGroup in Chicago.
In 2012, a Florida man was sentenced to 10 years in prison for hacking into online accounts of more than 50 people in the entertainment industry. He gained access to nude photos of actress Scarlett Johansson, who tearfully said she was “humiliated and embarrassed” in a video statement to the court.
Looking means violating
Celebrities took to Twitter to characterise the alleged hacking, purportedly targeting dozens of female actresses, models and athletes, as less of a privacy invasion than an act of sexual aggression.
“Remember, when you look at these pictures you are violating these women again and again. It’s not okay,” said actress Lena Dunham.
Garbus said he was not surprised by the hacking because he said he has seen it in the past.
“There are just so many different ways that one’s privacy can be invaded,” he added. – Reuters