Turkish Crime Family reportedly contacted Apple saying it had taken over around 300 million iCloud accounts.
Ransomware attacks against businesses are on the rise, according to multiple sources, mostly because they’re effective. Medical facilities and schools have been hit hard in the past year because the ransom is minor compared to the potential fines and lawsuits over privacy and confidentiality, let alone physical harm to patients or students. But a newly reported hacking incident shows that even the threat of an attack is enough to make some criminals reach out for a buck.
A group calling itself Turkish Crime Family reportedly contacted Apple with evidence that it had taken over around 300 million iCloud accounts. The instructions were to pay a hefty ransom or the accounts would be deleted. The reputational damage alone might be enough to make some companies quietly give in (companies that aren’t Apple, we should clarify), let alone the potential cost in legal disputes.
Apple, however, supposedly called the bluff and said it doesn’t negotiate with criminals. That’s a pretty confident answer from a tech giant, so they must have sufficient reason to believe the threat was weak. The “proof” in the ransom demand was merely a YouTube video and some screenshots, both of which can be fabricated. The hackers did reach out to Motherboard with their claims, though, so there’s at least a shred of plausibility to it; otherwise, why would they drag in some experts to poke holes in their claim?
Interestingly, the would-be hackers demanded payment in either Bitcoin or iTunes gift cards, two common currencies for this type of scam. Assuming the hackers had just ruined Apple’s reputation by shutting down the entire iCloud network, those gift cards wouldn’t be all that valuable.
Doubt on the validity of claims
There was a final odd factor in the exchange between the hackers and Apple’s security team, an exchange that was shared with Motherboard via screenshots. The security team’s alleged responses are… off. The grammar and syntax were very un-Apple-like, casting doubt on the validity of any of these claims. The whole thing may be a publicity stunt or an extortion attempt based solely on handcrafted “proof.” Of course, anyone truly concerned about the danger can simply change their iCloud password, which is a good routine habit to develop anyway.
Apple has now responded to a request for comment by Fortune magazine. “There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,” the spokesperson said. “The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.” They do acknowledge that if the hackers did gain any unauthorized access to iCloud accounts, it most likely occurred as a result of third-party breaches like the Yahoo breach.