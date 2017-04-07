By the time news of a data breach reaches the news the damage is already done. But in this case, it appears that there might be some warning of things to come? Or it might be a giant hoax?

In any event …

(1) You may wish to take this opportunity to change your Apple passwords. However, if they also captured the master keys to Apple’s security apparatus, you still might be at risk.

(2) You may wish to make sure the information on your iPhone is backed up on your local computer as well as in the cloud. And,

(3) You may wish to backup your iCloud information that is critical. If you are like most people, there is bound to be a ton of old, obsolete, or unwanted data that could be eliminated before backup;

(4) You may wish to store your critical, sensitive, and memorabilia on a detached external drive. The costs for 1 – 4 terabyte external drives are extremely reasonable; and

(5) Use a good software backup program. I use Acronis True Image on my Windows systems for four reasons: one, it is reliable; two, it allows you to restore your data to dissimilar systems; three, it can backup your data to a hidden partition on your disk that is not normally reachable by your operating system; and four, you get a number of additional features that add value rather than being bloatware.

If you believe that Apple phones are uncrackable because of the FBI’s efforts to unlock the San Bernardino shooting, remember that they could access everything in the cloud, and the reason that they couldn’t actually access the iPhone is because they gave someone permission to change the password – so the data could not be backed-up to the cloud where it would be accessible. And, let us not forget, even though Apple declined to help the FBI – someone else did, possibly an Israeli security firm. <Source>

What is being reported—April 7, 2017 deadline …

Hackers claim to have breached hundreds of millions of Apple accounts Apple’s iPhones and Apple IDs are a tough nut to crack for hackers, but it’s not be impossible. At least that’s what a group of hackers seem to suggest, as they’re currently attempting to blackmail Apple for up to $100,000 before they start remotely wiping millions of iPhones. Can they actually do it? Should you be worried? It’s unclear at this point. The hackers apparently engaged in conversations with the media to force Apple’s hand. The Turkish Crime Family hacker group, which spoke to Motherboard, want either $75,000 in Bitcoin or Ethereum, or $100,000 worth of iTunes gift cards. “I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” one of the hackers said. Apparently, the hackers have been in contact with Apple’s security team for quite a while now. They even posted a video on YouTube to prove they have actual access to iCloud accounts, access which can be used to remotely wipe iPhones. Apple, understandably, doesn’t appear to be willing to pay up the ransom. “We firstly kindly request you to remove the video that you have uploaded on your YouTube channel as it’s seeking unwanted attention, second of all we would like you to know that we do not reward cyber criminals for breaking the law,” a screenshot of a message purportedly coming from an Apple security team member reads. The hackers say they have access to more than 300 million Apple email accounts, including @icloud and @me domains. The number is the source of some confusion though, because a different hacker from the group claimed they had 559 million accounts in all. They have not explained how they gained access to Apple ID credentials. The hackers are threatening to move forward with remotely wiping Apple devices on April 7th, unless Apple pays up. Apple hasn’t publicly commented on the matter at this point. On the off-chance that the hackers are indeed holding access to millions of iCloud accounts, you might consider changing your password to protect your Apple ID. <Source>

Bottom line …

This doesn’t much affect me because I do a nightly backup to external devices and can recover from data loss. I have lost hard drives in the past and have tested my system thoroughly. But it does remain disconcerting that there will always be a zero-day exploit (an unpatched vulnerability) that exists in some system. Our NSA and other foreign intelligence services have been known to research these exploits and keep them handy for remote penetration into targeted systems.

Will Apple do a Yahoo and report the breach post facto -- after the damage is done?

We are so screwed.

