Skip to main content

Apple ransomware attack: iCloud accounts hacked

Stay on top of the recent Apple hack incident where threat actors from the Turkish Crime Family group hold millions of iCloud and other accounts for ransom.

Hundreds of millions of Apple accounts have been allegedly compromised in a defiant ransomware incident. These reports started hitting the headlines on March 21, 2017. A cybercriminal ring calling themselves the “Turkish Crime Family” approached a number of popular media companies, claiming to have hacked into hundreds of millions of, and email accounts. The accurate number of accounts purportedly at risk is quite blurred at this point. First, it appeared to be around 300 million; later on, an individual from the same syndicate stated it was 559 million; and the latest reported figure is 627 million. There is no plausible evidence regarding the exact quantity. One way or another, the issue is extremely disconcerting.

Two-factor authentication will help avoid the consequences of a breach

The biggest concern has to do with the fact that anybody who gets access to one’s iCloud account can remotely wipe the victim’s Apple device. Furthermore, the cache of all customer data that’s supposedly in the threat actors’ hands is a big privacy problem with potentially devastating consequences. For Apple to settle the issue and thwart the worst-case scenario, the crooks have put forward a mercantile condition. They ask for $75,000 in cryptocurrency, either Bitcoin or the growingly popular Ethereum. As an alternative, the ransom can be submitted in $100,000 worth of iTunes gift cards. The deadline for making the payment is until April 7. If these demands are met, the black hats promise to erase the cache of purportedly stolen information, otherwise they will start deleting the data or making it public knowledge. To prove that it’s not bluff, the perpetrators from the “Turkish Crime Family” added a YouTube video where they ostensibly log into some victims’ breached iCloud accounts. The video demonstrates that they attackers are able to access a backup of people’s photos and wipe their devices altogether.

Apple’s official response surfaced on March 22. The company reassures everyone that its systems did not undergo any breaches. According to the statement, information on customers’ iCloud accounts may have been leaked due to earlier incidents where third-party services were compromised. However, Apple has not denied the probability of user data being actually affected, so the company strongly recommends its clients to use strong passwords, not to reuse them for different accounts, and set up multi-factor authentication for accessing iCloud services. Meanwhile, it’s a good idea for all members of the Apple community to reset their Apple ID credentials by April 7. Even if the bad guys’ claims are for real, doing so will keep you on the safe side, so don’t fail to follow the steps below.

Reset your Apple ID password

As per the anatomy of this con, an efficient workaround is to reset the iCloud login credentials. To do this, go to and follow the steps below:

• Select the option that says "Forgot Apple ID or password?"

Getting started with Apple ID password recovery

• Enter your current Apple ID, type the CAPTCHA characters and click Continue.

Fill out the requested details to proceed with password reset

• Select the option of choice to reset your Apple ID password. You can choose to answer your security questions or get an email to proceed. Go on by clicking Continue

Follow instructions in password reset email

• Follow any further directions until you reset your iCloud password. You should now be safe, because even if the hackers obtained your old iCloud login credentials, they won’t be able to access your account anymore.


Was this article helpful? Please, rate this.

There are no comments yet.
Authentication required

You must log in to post a comment.

Log in