Cook says no Apple IDs and passwords leaked from the company’s servers, but rather the leaks occurred when hackers answered security questions correctly or used phishing scams to get login credentials.
Apple will make changes to further secure customer iCloud accounts as it plans to now send push alerts and email notifications when:
- someone tries to change your account password
- someone attempts to restore iCloud data to a new device
- a device logs into an iCloud account for the first time
Previously, users only were alerted via email when there were password changes or a login from the first time from an unknown Apple device. Now, there will be notifications for restoring iCloud data as well.
The new notifications will be implemented by Apple in the next two weeks, allowing users to take back control of their compromised accounts immediately, by changing back passwords or by alerting the company’s security team.
Apple said it also plans to start informing customers to enable two-factor authentication when iOS 8 launches, since the majority of users right now do not use it. The company says if celebrities had two-factor turned on, hackers would not have had the chance to compromise security questions and answers.
Cook had this to say about the entire situation:
“When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece,” he said. “I think we have a responsibility to ratchet that up. That’s not really an engineering thing.”
“We want to do everything we can do to protect our customers, because we are as outraged if not more so than they are,” said Mr. Cook.
Apple already responded with a statement on the matter, but Cook aims to be more transparent to ensure iCloud is secure and custom data remains safe with this interview.
Why? The answer is obvious, as the company is set to make some of its biggest announcements next week (iPhone 6 models, ‘iWatch’, iOS 8 and possibly more), streamed live to the world on September 9 at 10AM PDT.
With NFC rumoured to play a major role in the debut of Apple’s mobile payment plans, the time is now to nip this iCloud hacking story for good to reassure the public they can trust the company with their payment (and health) data.