The iCloud snafu that recently occurred has got everyone up in arms, with Apple being the target of all sorts of criticism, perhaps some of it even justified. Yesterday, Brian took a look at iCloud and its security, concluding that “iCloud is as secure as it can be, as long as you treat it with the respect and care that is required. Using 2-factor authorization is important, which you can set up with your Apple account, as well as using unique passwords for every account.”
With the extent of the security breach, Apple has naturally had to respond quickly to contain the damage done. Tim Cook, in an interview with The Wall Street Journal, explained how the celebrities’ accounts were compromised. He said that this was due to the hackers correctly answering the security questions in order to obtain the passwords to their accounts. Either that or they were victimized by a phishing scam, which obviously led to their user IDs and passwords being compromised.
He emphasized that the breach did not happen from Apple’s end: the user IDs and passwords were not obtained via Apple’s servers.
Still, in an effort to make iCloud even more secure – and to assuage the public’s concerns, of course – Apple is adding security alerts for iCloud users. Basically, this means that we will receive iCloud security alerts when these actions occur:
- the account password is changed
- iCloud data is restored to a new device
- a device logs into an account for the first time.
These alerts will come through via email and push notifications, so that the authorized user will know if someone else tries to access their account.
According to Tim Cook, Apple will start sending the iCloud security alerts in two weeks.
While this is definitely a good thing, I find it rather surprising that the system was not put in place from the get go. Perhaps it was an oversight on Apple’s part, but what’s done is done.
What do you think of the new iCloud security alerts? Will these avoid security breaches in the future?
More on iCloud: