Apple is doubling down on security to avoid future iCloud leaks

Apple Inc. said it plans additional steps to keep hackers out of user accounts, but denied that a lax attitude toward security had allowed intruders to post nude photos of celebrities on the Internet. In his first interview on the subject, Apple Chief Executive Tim Cook said celebrities’ iCloud accounts were compromised when hackers correctly answered security questions to obtain their passwords, or when they were victimized by a phishing scam to obtain user IDs and passwords. He said none of the Apple IDs and passwords leaked from the company’s servers. To make such leaks less likely, Mr. Cook said Apple will alert users via email and push notifications when someone tries to change an account password, restore iCloud data to a new device, or when a device logs into an account for the first time. Until now, users got an email when someone tried to change a password or log in for the first time from an unknown Apple device; there were no notifications for restoring iCloud data. Apple said it plans to start sending the notifications in two weeks. It said the new system will allow users to take action immediately, including changing the password to retake control of the account, or alerting Apple’s security team.