iCloud Keychain
Apple has confirmed that it was not an iCloud security breach which led to multiple iPhone/iPad/Mac users in Australia reporting their devices were remotely locked and held to ransom.

Apple has confirmed a breach of iCloud security was not the reason iPhone and iPad users had devices locked and held to ransom.

Following multiple reports earlier this week from iPhone, iPad and Mac users in Australia, New Zealand and even the UK that devices connected to their iCloud account were being locked, Apple has finally acknowledged the issue but denied it was the result of a breach of iCloud security.

However the company has urged users who have been affected to change their Apple ID password whenever they can.

In a short statement , Apple said:

Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.

$100 ransom

The incident came to light on Monday when numerous Apple customers in Australia reported finding themselves locked out of their iPhone, iPad or Mac computers and a message demanding a $100 (£60) ransom be paid to a hacker only known as Oleg Pliss.

With Apple ruling out an iCloud server attack, then the attacker is likely making use of another database of usernames and passwords compromised from another service.

As many people use the same username/password across multiple accounts, it is no surprise that a cybercriminal would be able to use credentials exposed in one breach (such as the high profile attacks on eBay and Target recently) to attack other accounts.

Once the attacker gained access to a users' Apple ID, they could use the Find my Device feature for iPhone, iPad and Mac to remotely lock the devices.

While the vast majority of the incidents have taken place in Australia, there have also been reports on Apple's Customer Support Forum from users in New Zealand, the US and the UK who have been affected, though these claims have not been verified.