Apple, in typical Apple fashion, has addressed the claims that iCloud was hacked during the “Apple ID” attack making the rounds earlier this week.
In a statement, Apple said, “Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.”
The attack, reported earlier this week, led to iPhones being taken hostage. The party behind the attack asked for $100.00 to unlock the phones that they locked down remotely. We still don’t know how the attackers got access to the Apple ID accounts but at this point many are assuming the hackers were able to access Apple ID credentials through a third party, and then use those account credentials to lock people out of their phones by using Find My iPhone.
You can, and should, set up two-factor authentication for your Apple ID after changing your passwords. Apple will then ask you to both input your password and input a code they send you on your phone before you can change account information or make purchases online.