Apple CEO Tim Cook has told the Wall Street Journal that the company will be introducing security updates to its iCloud service. The announcement comes in the wake of the leaking by hackers of a cache of intimate photos of celebrities, which were obtained by hackers who exploited a weakness iCloud's security.
The Apple Inc. (NASDAQ:AAPL) CEO said that the company would introduce new push notifications when someone tries to change an account password, restore iCloud data to a new device or when a device logs into an account for the first time. He said that the new policy would take effect within two weeks, and that it will allow users to take action immediately if they believe that their account has been compromised.
Cook also said that the company would enhance its use of what is know as “two-factor authentication," which requires a user to complete multiple security steps in order to sign into an account. These can include a password, in addition to one time codes sent to a device associated with the account, or an access key issued by the company.
According to a report in Business Insider, two-factor authentication does not apply to all aspects of iCloud. However, Cook told the journal that it will be put in place when Apple launches iOS 8, its new mobile operating system later this year.
Apple had been keen to emphasize that the leak was not the result of a systems failure. In a statement issued after it had initially investigated the leak, the company said that “certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the internet.”
Hackers reportedly obtained the images by exploiting a pre-existing flaw in iCloud that made it possible to use a piece of software called iBrute to guess celebrity account passwords repeatedly until they happened upon the correct one.
The company has been fighting to preserve its reputation for protecting its users' privacy ahead of an important product launch on Sept. 9.
The FBI is investigating the leak of the hacked images. Hacker Christopher Cheney, who in a similar case was convicted of hacking into the online accounts of Hollywood actresses Scarlett Johannson and Mila Kunis, received a ten-year jail sentence in 2012.