Only days after Facebook revealed it had been hacked, Apple announced in a statement to Reuters that it was also the victim of a similar security attack involving the infection of malicious software (“malware”) on employee computers. Apple also disclosed that “other companies” using Mac computers fell victim to this same malware, but did not elaborate.
The malicious software, designed to attack Mac computers, exploited a vulnerability in Oracle Corp.’s Java software when Apple employees visited an infected software developer site. Both Facebook and Apple believed no customer data had been compromised or taken in the attacks.
Apple quickly released a Java security update to address the vulnerability. Users of Apple’s Mac OS X can find Java for OS X 2013-001 in the Software Update section of the Mac App Store. The update can also be found here.
Formerly overlooked by computer hackers in favor of Windows operating systems, Apple’s rare admission should be a warning to everyone that no company or software is completely safe from security breaches. Apple becomes another high profile addition to a long list of entities to admit being hacked, which includes Twitter, The New York Times, The Wall Street Journal, The Washington Post, and the U.S. Department of Energy. While Twitter, Facebook, and Apple have not publicly named a source of the cyber attacks, there are allegations that a source in China is behind recent high profile attacks.
Although customer data was supposedly not compromised in these recent attacks on Facebook and Apple, customers should always be careful when providing non-essential data over the internet or storing sensitive information on cloud-based services like Apple’s iCloud. Always remember: once your data is on the internet or stored using a cloud-based service, it could be vulnerable in the rare case of a cyber attack. Always keep a record and be vigilant about the sensitive data you share or store on the internet (e.g. credit card information) in the rare case your data is compromised.