By Jonathan Davies
The security of Apple's iCloud back-up storage service has been questioned today (Monday) after hundreds of nude and semi-nude images of celebrities including the likes of Jennifer Lawrence, Kirstin Dunst and Arianna Grande were leaked last night.
An anonymous user claims to have hacked iCloud before posting the nude photos of actresses Jennifer Lawrence, Kirstin Dunst, music artist Arianna Grande, model Kate Upton and many more on 4chan, a message board notorious for such posts.
If users activate iCloud, their photos, videos, emails and contacts are automatically backed up online - particularly important for business readers. They can then sync the files to other devices (iPhone to iPad, for instance) and access the files through a web browser using a username and password.
However, there is no evidence yet to prove that iCloud was hacked. Apple claims that iCloud's security is 'robust'. The anonymous person who leaked the nude images claimed to have hacked the service, but it's possible that is was done through more simple means like guessing simple passwords or answering security questions.
Some cyber security experts have suggested that Dropbox may been involved in the leak - “an employee with access to data somewhere made a private stash” may have been subsequently hacked, it has been claimed.
At this point, Apple and Dropbox have made responded to requests for comment.
Ken Westin, security researcher at Tripwire, said: "Some media are reporting that the celebrities 'phones were hacked', however it appears that the source of many of the leaks may have been the iCloud service the images were backed up to, however this has not been confirmed.
"There has been no response yet from Apple if this is part of a larger potential compromise of the iCloud infrastructure, or simply the leakers gaining access to their accounts by guessing passwords or other methods. There have been numerous images released of the celebrities and claims by the leakers of more to come as well as videos. Given the number of celebrities compromised it could be a combination of multiple services.
"This is not the first time private celebrity images have been compromised. In 2011 Scarlett Johansson, Christina Aguilera and others had images compromised by Christopher Chaney who compromised multiple celebrity email accounts simply by guessing their passwords. Chaney was caught and sentenced to 10 years in prison.
"It is important for celebrities, businesses and the general public to remember that images and data no longer just reside on the device that captured it. Once images and other data are uploaded to the cloud, it becomes much more difficult to control who has access to it, even if we think it is private. Although many cloud providers may encrypt the data communications between the device and the cloud, it does not mean that the image and data is encrypted when the data is at rest. If you can view the image in the cloud service, so can a hacker."
Are you business files backed up to iCloud? How robust are your cyber security measures? You can email your reactions to email@example.com
Join us on