SHAFAQNA – According to new reports, Apple was warned about the security vulnerability in its iCloud service months before the celebrity photo scandal. Apple had received emails from London-based software developer Ibrahim Balic warning the company of a security hole that left iCloud users vulnerable, claims the Daily Dot which received these emails earlier this month. In an email dated March 26th, Balic told an Apple official that he was able to bypass a security feature designed to prevent “brute-force” attacks. Typically, the security feature would limit the number of times users can attempt to log in on a given account, but by circumventing this feature, Balic said he was able to try over 20,000 password combinations. The same day, the Apple official, known only as “Scott” in the emails, responded to Balic, thanking him for the information. Balic also reported the vulnerability on Apple’s online bug submission platform. In a separate email in May, Apple followed up with Balic asking for more information. “It appears it would take an extraordinarily long time to find a valid authentication token for an account,” wrote an Apple Product Security employee named Brandon. “Do you believe that you have a method for accessing an account in a reasonably short amount of time?” This email suggests that Apple simply thought hackers wouldn’t be patient enough to exploit the vulnerability, making it a non-issue.
“When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source,” said Apple in a statement on the leaked photos. Apple claims that, based on this investigation, the individual celebrity accounts “were compromised by a very targeted attack.” The company reassured users that “none of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone.”