A Cybercriminal named Kerem Albayrak who is 22 years old from north London tried to blackmail Apple by claiming that he had access to millions of iCloud accounts. He also admitted to this accusation.
Kerem demanded $75,000 in crypto-currency or a thousand $100 iTunes gift cards from Apple by claiming he had access to 319 million iCloud accounts and other Apple accounts. He threatened the MNC by saying that he would factory-reset all the accounts and would dump the data and all information if they did not agree to his demand.
The National Crime Agency (NCA) of UK investigated this case and found out that the claims made by the young man was false and had no authenticity. The cybercriminal from North London had emailed Apple Security on March 12, 2017, claiming he had access to iCloud account details. He also posted a video of him on YouTube wherein he showed that he was breaking into two iCloud accounts.
After two years of investigation and trial, NCA released sentence for Kerem that he would be doing 300 hours of unpaid work and a two year suspended jail sentence, in addition to a six month electronic curfew. This is a typical case of Credential Stuffing.