Apple has released a statement saying that it is aware that attackers are regularly trying to gain access to users data and that they take it “very seriously”.
In a statement Apple said: “Apple is deeply committed to protecting our customers’ privacy and security. We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously. These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.
The iCloud website is protected with a digital certificate. If users get an invalid certificate warning in their browser while visiting www.icloud.com, they should pay attention to the warning and not proceed. Users should never enter their Apple ID or password into a website that presents a certificate warning. To verify that they are connected to the authentic iCloud website, users can check the contents of the digital certificate as shown below for Safari, Chrome, and Firefox—each of which provides both certificate information and warnings.”
Then Apple has provided examples of when to be suspicious of iCloud in each of the three browsers they mentioned. I think even though it’s nice to see that they are taking more precautions over iCloud attacks, and with people’s security in general, it’s still not the response many have been looking for after users in China have claimed that the government is hacking their iClouds and spying on their personal data. As for your iCloud though (if you have it that is), then the usual rules apply – don’t enter your usernames, emails and passwords if you think a site looks suspicious, and if you’re unsure always check that you are using a secure, encrypted connection which Apple has detailed how to check for in it’s release.
You can check out the statement here, but for now what do you think? Should Apple be taking these hacking claims more seriously? Or are their basic guidelines enough to protect from anyone up to the most dedicated of attackers? Let us know.
