A security loophole in the Apple’s iCloud service could be behind the leaking of nude photos of Jennifer Lawrence and other celebrities, claims a security expert, who alleges the leak is a hack that could have been prevented.
Apple does not however agree and says that there was an account breach.
A Daily Dot report says that Ibrahim Balic, a London-based software developer, had a lengthy email exchange with an Apple staff in March about the loophole that could encourage infiltration into iCloud accounts, but nothing was done to prevent it.
It is said that Balic succeeded in guessing passwords of a few Apple accounts by testing around 20,000 passwords on accounts and contacted Apple pointing out the flaw and asking them to come out with a lockout policy.
The episode with Balic ended after Apple asked “Do you believe that you have a method for accessing an account in a reasonably short amount of time?”
The report claims that Balic was also responsible for a hack back in June last year and had claimed that he had personal information of more than 10,000 registered users of the iCloud.
Indications are that Apple had acknowledged that hackers had obtained the nude photos of Jennifer and others by pilfering their accounts, but was not through a wide attack on the company’s services. Currently Apple uses a two-step verification for iCloud protection.
