Apple strengthening iCloud security in coming weeks, says Tim Cook

Tim Cook: Apple strengthening iCloud security in coming weeks


Tim Cook iPad Event

It was only a matter of time before Apple spoke out more publicly about the controversy surrounding the compromised iCloud accounts of numerous celebrities.

In an interview with The Wall Street Journal, Tim Cook revealed that Apple is adding new security measures to iCloud in the coming weeks. Users will be notified by email and a push notification for account activity, including whenever an iCloud backup is accessed. Two-step verification will also be strengthened to cover more aspects of iCloud.

Cook also said that Apple plans to raise more “awareness” about internet security.

“To make such leaks less likely, Mr. Cook said Apple will alert users via email and push notifications when someone tries to change an account password, restore iCloud data to a new device, or when a device logs into an account for the first time,” reports the Journal. Apple has previously only sent emails for password resets and when a new device is logged into iCloud.

The notifications will begin in two weeks, a timeframe that is likely meant to coincide with the public release of iOS 8. The notifications will be actionable, meaning that you’ll be able to immediately alert Apple if something is wrong.

Apple issued a public statement yesterday denying that iCloud was “breached” by hackers to gain access to celebrities’ photos. The victims were the result of targeted attacks that involved guessing passwords and account recovery questions. But if the compromised had two-step verification enabled, the whole mess would have likely been avoided.

“When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece,” Cook told the Journal. “I think we have a responsibility to ratchet that up. That’s not really an engineering thing.”

Apple will more aggressively market two-step verification to its users, and in iOS 8 the security measure will cover logging into iCloud on a mobile device.

Two-step verification doesn’t currently protect Find My iPhone or iCloud backups.