Following news that some iPhone owners in Australia were locked out of their smartphone and presented with a demand for a ransom, Apple has said its iCloud servers weren't hacked. The ransom attack, called Oleg Pliss, demanded US$100 from victims and raised questions about how the attackers gained the necessary passwords to lock users out of their iPhones and iPads.
Apple: iCloud servers weren't hacked in Oleg Pliss ransom attack
In a statement to ZDNet, Apple said,
Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.
The assumption earlier this week was that victims used the same password for more than one website, and their personal information was taken in a data breach on a different server -- possibly when eBay was hacked several weeks ago.
Details that could help uravel the mystery haven't been found yet. Apple's own users is hoping to change that quickly and have taken to the company's online forums to share information that could eventually uncover common elements that lead back to the attackers.
For now, changing your iCloud password is a prudent move in case the people behind the ransom threats have a larger database with more potential victims to exploit.