We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

AP Photo/Andy Wong
Better late than never

Apple vows to tighten up security after iCloud celebrity hack

The company plans to push two-step authentication and send notifications to users any time someone tries to restore their iCloud account.

APPLE WILL SOON begin notifying users any time someone tries to restore their iCloud account, in response to the accounts of celebrities being compromised earlier this week.

Speaking to the Wall Street Journal, Apple CEO Tim Cook said that the company plans to start sending the notifications in two weeks, allowing users to take action immediately by changing the password to retake control of their account or alerting Apple’s security team.

He denied that the compromise was down to a lax attitude on Apple’s part, saying it was down to hackers correctly answering security questions to obtain passwords, or through phishing scams.

To ensure that a similar situation won’t occur again, Cook said the company will alert users via email and push notifications whenever someone tries to change an account password, restore iCloud data to a new device or when a device logs into an account for the first time.

Currently, users only get an email when someone tries to change a password or log in for the first time from an unknown Apple device. There were no notifications for restoring iCloud data.

Cook did say that Apple could have done more to make people aware of the dangers of hackers targeting their account.

As a result, it will broaden its use of two-step verification, which requires a user to have a password and a separate four-digit code to sign in, and will push those using the next version of iOS to activate it.

Earlier this week, the company issued a statement to say that iCloud wasn’t breached, and that the compromise was down to a “very targeted attack on user names, passwords and security questions.”

Read: Google agrees to refund $19 million to parents for unwanted in-app purchases >

Read: Dyson’s first ever robotic vacuum cleaner is probably smarter than you are* >

Your Voice
Readers Comments
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.