ICloud: Difference between revisions

In August 2014, a series of brute-force attacks targeted iCloud accounts, leading to the unauthorized access and release of private photographs belonging to multiple celebrities.<ref>{{cite web |title=2014 celebrity nude photo leak |website=Wikipedia |url=https://en.wikipedia.org/wiki/2014_celebrity_nude_photo_leak |url-status=live |archive-url=https://web.archive.org/web/20260404193845/https://en.wikipedia.org/wiki/2014_celebrity_nude_photo_leak |archive-date=2026-04-04}}</ref> Apple denied that a breach of iCloud itself had occurred, attributing the incident to weak user passwords and phishing attacks.<ref>{{cite web |first=Jacob |last=Kastrenakes |url=https://www.theverge.com/2014/9/2/6098107/apple-denies-icloud-breach-celebrity-nude-photo-hack |title=Apple denies iCloud breach in celebrity nude photo hack |url-status=live |website=The Verge |date=2 Sep 2014 |archive-url=http://web.archive.org/web/20250831150803/https://www.theverge.com/2014/9/2/6098107/apple-denies-icloud-breach-celebrity-nude-photo-hack |archive-date=2025-08-31 }}</ref> However, vulnerabilities allowing brute-force attacks remained unaddressed the following year, raising concerns over iCloud’s security measures.<ref>{{cite web |first=Alistair |last=Charlton |website=International Business Times UK |url=https://www.ibtimes.co.uk/icloud-accounts-risk-brute-force-attack-hacker-exploits-painfully-obvious-password-flaw-1481623 |url-status=live |title=iCloud accounts at risk of brute force attack as hacker exploits 'painfully obvious' password flaw |archive-url=http://web.archive.org/web/20251230054034/https://www.ibtimes.co.uk/icloud-accounts-risk-brute-force-attack-hacker-exploits-painfully-obvious-password-flaw-1481623 |archive-date=2025-12-30}}</ref>

In 2018, Apple transitioned Chinese users’ iCloud data to local servers in compliance with Chinese data laws.<ref name=":0">{{cite web |website=The Hacker News |first=Ravie |last=Lakshmanan |date=18 May 2021 |title=How Apple Gave Chinese Government Access to iCloud Data and Censored Apps |url=https://thehackernews.com/2021/05/how-apple-gave-chinese-government.html |url-status=live |archive-url=http://web.archive.org/web/20260209094941/https://thehackernews.com/2021/05/how-apple-gave-chinese-government.html |archive-date=2026-02-09}}</ref> The move raised concerns regarding government surveillance, as the encryption keys for the data were also stored within China.<ref name=":0"></ref> Apple stated that this change only affected users residing in mainland China; however, it did not specify how it distinguishes between residents and visitors.<ref>{{cite web |website=Apple |url=https://support.apple.com/en-us/111754 |date=15 Apr 2025 |title=Learn more about iCloud in China mainland |url-status=live |archive-url=http://web.archive.org/web/20251128142647/https://support.apple.com/en-us/111754 |archive-date=2025-11-28}}</ref>

In February 2025, Apple disabled Advanced Data Protection (also known as ADP), its end-to-end encryption feature for iCloud, for users in the United Kingdom. The decision followed a request from the UK government, which sought access to encrypted user data.<ref>{{cite web |website=ZDNET |first=Adrian |last=Kingsley-Hughes |title=Why Apple's disabling of iCloud encryption in the UK is bad news for everyone |url=https://www.zdnet.com/article/why-apples-disabling-of-icloud-encryption-in-the-uk-is-bad-news-for-everyone/ |url-status=live |date=25 Feb 2025 |archive-url=http://web.archive.org/web/20251229142653/https://www.zdnet.com/web/20251229142653/https:/www.zdnet.com/article/why-apples-disabling-of-icloud-encryption-in-the-uk-is-bad-news-for-everyone/ |archive-date=2025-12-29}}</ref>