Somewhere in March 2017, a Britain-based hacker group known as the Turkish Crime Family spammed various press outlets with emails claiming to have stolen over 250 million iCloud accounts.
The group advised Apple to pay up $75000 in Bitcoin or $100000 worth iTunes gift cards by April 7th. They threatened that should Apple fail to do so, 200 Million iCloud accounts will factory reset as well as remotely wipe all the data from every hacked Apple device.
200 Million iCloud accounts will be factory reset on April 7 2017
— Turkish Crime Family (@turkcrimefamily) March 21, 2017
After the group replaced its spokesperson and decided on raising the final ransom to $400000, many security experts decided that this treat has all the hallmarks of a stunt.
The Threat Seemed Real
As you can expect, Apple downplayed the whole issue and announced that its systems had not been breached by any hacking group. Strangely, an Apple spokesperson admitted that the Turkish Crime Family could have acquired the accounts with passwords from a third-party service.
In the following weeks, ZDNet managed to obtain a set of 54 breached accounts for verification purposes from the hacker group. According to them, all of them were perfectly valid.
Breach or Stunt?
Some security experts argued that instead of getting access to millions of accounts directly from Apple, the hacker group most likely collected data from other big breaches that happened in the past and used it to take a swing at iCloud and see what stuck.
After a thorough analysis, esteemed security researcher and creator of Have I been pwned?, Troy Hunt argued that 98% of the email addresses supposedly hacked correspond to previous breaches from LastFM, LinkedIn or MySpace.
Did Apple Pay Up?
April 7th has come and gone, but what happened with the 200 million iCloud accounts that were supposedly breached? Has Apple paid the hacker group after all?
The hacking group boasted on Twitter that it has received the ransom money in full. The Turkish Crime Family posted the address of a bitcoin wallet showing hundreds of bitcoins deposited on the evening of the deadline.
Since there have been no new news on iCloud accounts being deleted, some people wondered if Apple actually paid the ransom money.