C Net - How those nude photos were leaked (and why you should care)

What does the hack mean for your own cloud security? Here are all of your nude selfie-related questions answered.

by Sharon Profis

A number of celebrities were targeted this week in an attack that exposed nude photos -- some said to be real, others fake -- stored in Apple iCloud accounts. Here's what we know and what it means about your own cloud security.

How were the celebrities' accounts hacked?

Celebrities whose iCloud photos were leaked fell victim as a result of targeted attacks, according to the latest reports and information released by Apple. This means the people who hacked into the accounts likely knew the email addresses associated with the celebrity accounts or they were able to answer security questions that granted them access to the accounts.

It's still unclear how the hackers might have known the answers to account security questions and obtained the usernames for the accounts.

What about that security hole?

It was thought hackers may have gained access to the iCloud accounts through a security hole in the online storage service's "Find My iPhone" feature which allowed them to conduct brute-force attacks. With a brute-force attack, hackers use a script to automatically try many different username and password combinations in rapid succession until the correct combination is guessed.

Apple patched this hole Tuesday morning and confirmed that this was not the method used by the hackers to log in to the celebrities' accounts.

I still don't understand. They're celebrities.

Contrary to popular belief, most celebrities use technology the same way as most other not-famous people. Apple, Google, and other major tech players don't necessarily give celebrities access to special security features. If there were security-bolstering features available, we'd hope these companies would distribute them to all users, not just the privileged.

Celebrities have the same security tools we do, so we're technically all equally vulnerable. But, since their faces grace the covers of magazines and theater screens, they end up being targeted more often.

Celebrities also don't always take advantage of security protocols that are available. For example, based on the information currently available, these celebrities might have been protected against the attacks if they were using two-step verification, which adds an extra step to the basic log-in procedure.

http://www.cnet.com/how-to/how-nude-photos-leaked-protect-icloud-account-security/?tag=nl.e214&s_cid=e214&ttag=e214&ftag=CAD3c77551