Action required: Change Apple (iTunes) passwords

Criminals have reportedly threatened to take over 250 million Apple accounts on April 7, 2017, if Apple does not pay a ransom. This could potentially allow them to remotely wipe iPhones, iPads, and some Apple computers. It could also lead to the compromise of confidential information and fraud. At this time, it appears that those responsible for the extortion attempt do possess some valid Apple account credentials. They have reportedly provided them to the media, likely to increase the pressure on Apple.

This could play out in a few different ways: It could be largely a bluff based on possession of a small number of credentials. A large number of the passwords might be outdated. Criminals may have the stolen credentials they claim, and carry through with the threat. Criminals may not honour the April 7 deadline as Apple and their customers react in a situation that is becoming dynamic. It is also possible that Apple servers could be swamped by users changing their passwords.

Apple has reportedly told the media that, “There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.” If that is the case, then only those who have used their Apple account on another site are likely impacted. However, given the uncertainty involved, that most Apple users back up their information to iCloud, and capabilities such as Find My Phone and remote wipe exist, the cost of changing one’s password seems exceptionally low compared to the potential risks.

Based on currently available information, the best course of action is to change Apple account passwords immediately and, if not already in place, turn on two-factor authentication.

Apple passwords can be changed at https://appleid.apple.com/ or from your iPhone or iPad (Settings -> iCloud -> Click on your name -> Passwords & Security -> Change Password).

Here are some of many articles on this evolving story:

http://www.zdnet.com/article/apple-icloud-ransom-what-you-need-to-know/

https://motherboard.vice.com/en_us/article/hackers-we-will-remotely-wipe-iphones-unless-apple-pays-ransom

https://www.cnet.com/news/hackers-apple-extortion-icloud-account-iphone/

This article will be updated as new information becomes available.