A group of hackers calling themselves the Turkish Crime Family claim to have access to at least 300 million Apple accounts. In speaking with Motherboard, the hackers say they’ve been in contact with Apple’s security team regarding a ransom of $75,000 in Bitcoin or Ethereum (another decentralized blockchain-based distributed computing platform) or $100,000 in iTunes gift cards.
The team reportedly provided the publication with access to an e-mail account and screenshots of e-mails between them and Apple’s security team. The hackers also shared a YouTube video in which it appears as though they log into some stolen accounts including one allegedly belonging to an elderly woman. Said account includes backed-up photos as well as the ability to remotely wipe her device.
In an alleged reply from Apple, the company asks the hackers to remove the video uploaded to YouTube as it is seeking unwanted attention. The Cupertino-based company goes on to say that they do not reward cyber criminals for breaking the law and that the communications with them will be sent to the authorities.
The publication says the hackers have told Apple they will reset a number of the iCloud accounts and remotely wipe victim’s devices on April 7 unless the ransom is paid.
As Motherboard notes, there are some inconsistencies in the hackers’ story. At one point, they claimed they had 559 million accounts, not 300 million. Also, it’s not all that difficult to fake screenshots and e-mails. Then again, it’s entirely possible that they do have access to the accounts but are keeping details close to the vest.
Barring any legal intervention or patches, I suppose we’ll find out either way come April 7. In the meantime, it wouldn’t be a bad idea to change your Apple account password and enable two-factor authentication if you haven’t already done so.