Apple admitted on Tuesday that it was the target of the same hacking attack that hit Facebook last week. A “small number” of Apple employees’ computers were compromised by hackers, the company told Reuters.
Apple says there is no evidence that “any data left Apple.” The company is said to be working with law enforcement to identify the culprits. Apple released an update later on Tuesday that patches the security vulnerability in Java for OS X that hackers were able to exploit.
Here’s Apple’s full statement on the matter:
Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.
Facebook said last week that last month it was also the victim of a malware attack that it says came from China. The exploit took advantage of a vulnerability in its Java software to gain access to its employees’ PCs.
Apple’s announcement comes less than a day after the New York Times published evidence that a huge number of hacks emanating from China against U.S. infrastructure and American corporations can be linked to a secret division of China’s army. The Times itself, along with the Wall Street Journal, are also among a high-profile group of U.S. companies to be hit by Chinese hackers that made their way into employees’ computers.
This post was updated at 10:34 a.m. PT with Apple’s statement and again at 2:02 p.m. PT with the link to Apple’s published update for Java.
Thumbnail image courtesy Shutterstock user mkabakov.