A new band of hackers , styling itself the “ Turkish Crime Family ” , is claiming it has secured the details of some 200m iCloud accounts and that if Apple doesn’t pay Attack.Ransom a whopping $ 75,000 bitcoin or ethereum ransom Attack.Ransom ( or $ 100,000 in iTunes gift cards ) it will wipe the lot . First , Apple says its systems haven’t been breached Attack.Databreach . The company told Naked Security : There have not been any breaches Attack.Databreach in any of Apple ’ s systems including iCloud and Apple ID . The alleged list of email addresses and passwords appears to have been obtained Attack.Databreach from previously compromised Attack.Databreach third-party services . So 200m accounts obtained Attack.Databreach from previously compromised Attack.Databreach third party services is OK ? Obviously not , but there ’ s no suggestion that Apple itself is responsible for any compromised security . The Turkish Crime Family itself appears to be new on the security scene , believed to have started life in Istanbul but now resident in Green Lanes , north London , according to one report . Helpfully , the organisation has a Twitter account . Another curious facet of the alleged breach is that asking for payment Attack.Ransom in extremely traceable iTunes vouchers seems more than slightly curious ; why would you not ask for something with a less clean audit trail ? The group itself disputes the amount that ’ s been reported and blames a media relations operative ( presumably the same one who put an email address for media inquiries on the Twitter profile ) : This sum of $ 75,000 is incorrect , this was submitted by one of our old media guys that is not a part of our group . The sum is a lot higher The organisation has posted what it claims is video evidence to the Motherboard site . David Kennerley , director of threat research at Webroot , is among the first to wonder whether the threat is actually real . There are a lot of questions that need to be answered such as , do these hackers really have access Attack.Databreach to the data they claim ? How did they get hold of such a large amount of data ? Finally , there are still people who believe their Apple hardware is completely safe from malware just because it ’ s Apple . It ’ s great kit and it works beautifully but nobody is safe Logging into and erasing 200 million accounts would take some time . If it started happening , Apple could easily block the attack . Also , they ’ d have to have some sort of server or admin-level access to be able to wipe or delete accounts , or even a single server ’ s-worth of accounts . The Turkish Crime Family having that level of access would either entail an incredibly serious , hitherto unknown breach in Apple ’ s defenses ( improbable ) , or the help of someone on the inside ( more likely , but still doubtful ) . If an Apple user wasn ’ t backing up their entire device to the Apple Cloud , a device that was wiped wouldn ’ t have everything for Apple to restore . I suspect there are quite a few users that don ’ t do Cloud backups , or only back up a portion of their data .

`` There have not been any breaches Attack.Databreach in any of Apple 's systems including iCloud and Apple ID , '' an Apple representative said in an emailed statement . `` The alleged list of email addresses and passwords appears to have been obtained Attack.Databreach from previously compromised Attack.Databreach third-party services . '' A group calling itself the Turkish Crime Family claims to have login credentials for more than 750 million icloud.com , me.com and mac.com email addresses , and the group says more than 250 million of those credentials provide access to iCloud accounts that do n't have two-factor authentication turned on . The hackers want Apple to pay Attack.Ransom $ 700,000 -- $ 100,000 per group member -- or `` $ 1 million worth in iTunes vouchers . '' Otherwise , they threaten to start wiping data from iCloud accounts and devices linked to them on April 7 . In a message published on Pastebin Thursday , the group said it also asked for Attack.Ransom other things from Apple , but they do n't want to make public . `` We 're actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved , '' the Apple representative said . `` To protect against these type of attacks , we recommend that users always use strong passwords , not use those same passwords across sites and turn on two-factor authentication . '' However , the unusually high numbers advanced by the group are hard to believe . It 's also hard to keep up with the group 's claims , as at various times over the past few days , it has released conflicting or incomplete information that it has later revised or clarified . The group claims that it started out with a database of more than 500 million credentials that it has put together over the past few years by extracting Attack.Databreach the icloud.com , me.com and mac.com accounts from stolen databases its members have sold Attack.Databreach on the black market . The hackers also claim that since they 've made their ransom Attack.Ransom request public a few days ago , others have joined in their effort and shared even more credentials with them , putting the number at more than 750 million . The group claims to be using 1 million high-quality proxy servers to verify how many of the credentials give them access to unprotected iCloud accounts . Apple provides two-factor authentication for iCloud , and accounts with the option turned on are protected even if their password is compromised Attack.Databreach . The latest number of accessible iCloud accounts advanced by the Turkish Crime Family is 250 million . That 's an impressive ratio of one in every three tested accounts . The largest ever data breach Attack.Databreach was from Yahoo with a reported 1 billion accounts . `` At best they ’ ve got some reused credentials , but I wouldn ’ t be surprised if it ’ s almost entirely a hoax . '' Hunt has n't seen the actual data that the Turkish Crime Family claims to have , and there is n't much evidence aside from a YouTube video showing a few dozen email addresses and plain text passwords . However , he has significant experience with validating data breaches Attack.Databreach and has seen many bogus hacker claims over the years . To be on the safe side , users should follow Apple 's advice and create a strong password for their account and turn on two-factor authentication or two-step verification at the very least

Security experts say they are skeptical that a group of hackers called Turkish Crime Family actually possess a cache of hundreds of millions of Apple iCloud account credentials . A more plausible explanation , they say , is that crooks used credential stuffing attacks to amass a limited number of valid Apple usernames and passwords in attempt to extort money Attack.Ransom from Apple . Earlier this week , the group identifying itself as the Turkish Crime Family claimed to have a database of 750 million iCloud.com , me.com and mac.com email addresses and credentials . “ There have not been any breaches Attack.Databreach in any of Apple ’ s systems including iCloud and Apple ID , ” Apple said in a statement . “ The alleged list of email addresses and passwords appears to have been obtained Attack.Databreach from previously compromised Attack.Databreach third-party services ” . Hackers behind the claim are demanding Attack.Ransom Apple pay Attack.Ransom them $ 75,000 in cryptocurrency or give Attack.Ransom them $ 100,000 in iTunes vouchers , according to reports . If demands are not met by April 7 , the group said it will begin deleting data stored on iCloud accounts en masse . An independent analysis of 54 samples of the breached account data provided to ZDNet by the hackers were valid . However , security experts such as Troy Hunt , who runs the data breach repository HaveIBeenPwned.com , still isn ’ t convinced . Hunt told Threatpost he suspects the hack is a hoax , admitting he has not seen the any samples of the breached data . “ It ’ s entirely possible whoever is behind this could have username and password pairs that work on a limited number of Apple accounts in just the same way as re-used credentials will work across all sorts of other accounts , ” Hunt said . He said the Turkish Crime Family likely has a far smaller pool of valid Apple credentials than it claims . Shuman Ghosemajumder , CTO of the firm Shape Security told Threatpost he suspects the hackers may have used credential stuffing attacks , using data from previous breaches , to gain access to an undetermined number of iCloud accounts . Shape Security estimates that last year alone 3.3 billion credentials were exposed Attack.Databreach via breaches . Despite credential stuffing ’ s low success rate of 1 percent to 2 percent , Ghosemajumder said , when applied to a large enough cache of data ( purchased on the dark web by the database ) the hackers may have enough information to successfully crack thousands of Apple accounts . “ There are certainly enough credentials spilled onto the internet to think someone could use credential stuffing techniques to pull together a convincing number of valid accounts in attempt to extort Attack.Ransom Apple for ransom money Attack.Ransom , ” Ghosemajumder said . Patrick Wardle , director of research at Synack , echoed the same credential theory suggesting that breaches Attack.Databreach over the past year have given hackers ample opportunity to pull together some valid iCloud account credentials . Since approaching Apple earlier this month with its demands , the Turkish Crime Family has been inconsistent about how many account credentials it allegedly possesses . Speaking to various different media outlets , the group has said it had 200 million credentials to as many as 750 million . The hacking group said that its repository isn ’ t the result of one breach , rather multiple . On Thursday , the group claimed to have a database of 750 million credentials , 250 million of which are “ checked and working , ” according to the group . Meanwhile , Apple says it ’ s actively monitoring to prevent unauthorized access to user accounts and is working with law enforcement to identify the criminals behind the Turkish Crime Family extortion scheme Attack.Ransom .