This article was published 5 yearsago

Countering yesterday’s reports that suggested data leak and exploitation by hackers using security loopholes in Apple’s mail app, the Cupertino giant announced on Thursday that it has found “no evidence” of the same. Apple went on to say that the flaw uncovered by cyber security company ZecOps “does not pose an immediate threat” to its users.

The world is observing a worryingly upward growth trajectory in cybercrimes. So when the supposedly commendable security of an accredited company such as Apple has contrarians, it certainly leaves the overly digitalised world unsettled.

A few days back, ZecOps unearthed “exploitable vulnerabilities” in Apple’s mail app, particularly on iPhone, that may have left more than half a billion iPhone users vulnerable to hackers. ZecOps further claimed to have found evidence that a loophole in Apple’s Mail App was exploited in at least six cyber security break-ins. Although ZecOps could not identify the hackers, the company asserted that attackers had been taking advantage of the vulnerability as far back as 2018.

Further, the company claimed that the flaw it uncovered had been used against one of its own clients.  Following this, Apple acknowledged the flaw on Wednesday and announced that it had developed a fix that would be introduced in the forthcoming update on its devices. 

Apple however, has now come up with a counter-claim, that it has not found any evidence of the data being exploited by cybercriminals. “We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded that these issues do not pose an immediate risk to our users” Apple said in a statement.

Apple added, that “The researcher identified three issues in the mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers”.

In response the Apple’s contention, ZecOps stated it found evidence of related hacks against “a few organisations”. The cyber security company said that it would share the technical details supporting its fresh set of claims once Apple releases its software update to the customers.