A group called the "Turkish Crime Family" wants Apple to pay $75,000 in Bitcoin or Ethereum, or $100,000 worth of iTunes gift cards before April 7th. If Apple doesn't pay up the group claims it will begin to remotely wipe iCloud accounts and devices.
Apple says there have been no breaches of its systems and that the list of accounts is likely from previous third-party hacks.
"There have not been any breaches in any of Apple’s systems including iCloud and Apple ID," a spokesperson told Fortune. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services."
Many of the email accounts and passwords are said to match a previous breach at LinkedIn. It's also possible that account information could have been obtained from other hacks including those of Yahoo and Dropbox.
If you are using the same password with iCloud as you used for any other online accounts, we strongly recommend you change your iCloud password as soon as possible. You may also want to consider enabling two-factor authentication.
Apple says it is " actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication."
Please follow iClarified on Twitter, Facebook, Google+, or RSS for updates.