Reports of 'hijacked' iPhones down to stolen log-in details says Apple

Apple has responded to recent reports of iPhones being held to ransom, saying that the problem lies with stolen passwords and emails – rather than a breach in its iCloud servers.

Users posting to the company’s support forums on 26 May complained that they had been locked out of their iPads and iPhones, with on-screen messages from hackers demanding that they pay a fee in order to regain control of their device.

The hacker or hackers apparently gained access to users’ iCloud account (Apple’s cloud service is primarily used for syncing data between mobile devices and desktops) and used it turn on ‘Find My iPhone’, a piece of software designed to let users lock and wipe their devices remotely if they’re stolen.

Most of the reports came from Australia, suggesting that a geographically specific phishing attack (a fake email used to trick users into giving up their passwords) had stolen users' passwords, which has been re-used by Apple owners for iCloud.

Apple issued a statement after the reports, saying: “Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services.

“Any users who need additional help can contact AppleCare or visit their local Apple Retail Store,” the iPhone-maker added.

PayPal has also said that it would refund anyone who had paid the ‘ransom demands’, although it also mentioned that there was no account associated with the email address that showed up on hacked devices. This suggests that the real aim of the scam might have been to collect individuals' financial details - rather than the ransom money.