DON GONYEA, HOST:
Apple says that hackers obtained nude photos of female celebrities by breaking into their individual accounts. But the company says it was not a broad breach of its online services. Security experts say the attack should be an eye-opener for everyone who stores information online. NPR's Laura Sydell reports.
LAURA SYDELL, BYLINE: "Hunger Games" star Jennifer Lawrence first contacted authorities on Sunday evening after the images began appearing online. Photos of other celebrities such as Kirsten Dunst and Kate Upton also began to appear. In a statement, Apple said the hackers didn't penetrate its systems. Instead they got access to the pictures through a targeted attack on usernames, passwords and security questions. Nico Sell, a security expert, says that most people only have one password and hackers use algorithms to guess them and they can search the web for personal information to fill in security questions.
NICO SELL: So, I mean, that's - that's pretty easy to get. Most of it, you can find on Facebook.
SYDELL: But Sell says there are other ways to get individual passwords and details. Companies like Apple, Google, Facebook store their information on servers all over the world, and there are various people along the way who have digital access.
SELL: So you're having to trust lots of people in between that have that data.
SYDELL: Sell and other security experts advise celebrities, and the the rest of us, to set up what's called two-step verification. This creates a second random password that is sent to your email or device each time you log into your account. Meanwhile the FBI has opened an investigation. Laura Sydell, NPR News. Transcript provided by NPR, Copyright NPR.