Apple says that iCloud was not hacked, following on from the news that a number of iOS and Mac users in Australia, New Zealand, Canada, and the U.S. report have had their devices remotely locked in exchange for ransom.
It’s been speculated that the hacking in question was done using login credentials gained from users as a result of recent data breaches and then used as Apple ID logins to lock users out via iCloud. While this may be the case, Apple says that it is not the result of the iCloud being compromised in any way.
In a statement, Apple notes that “it takes security very seriously and iCloud was not compromised during this incident.”
Affected users are advised to change their Apple ID passwords as soon as possible, and also to avoid using the same username and password for multiple services. Users who need additional help should contact AppleCare or visit their local Apple Retail Store, Apple says.
While Apple doesn’t say so in its statement, it is also highly recommended that iOS devices take advantage of Apple’s two-step verification process for Apple IDs, and passcode lock or Touch ID.
Users who have been targeted have found their Mac and iOS devices displaying a “ransomware” message claiming to have been hacked by “Oleg Pliss.” To unlock the devices they are asked to send money to a PayPal account.