Security void at iCloud seems to have allowed would-be hackers to repeatedly try different passwords on the service users' accounts, without them being locked as usual, after a number of failed attempts. Thus, in theory, it was possible to access any account after a lot of effort and a strong dose of luck.As protothema says, Apple has immediately coped and corrected the security gap.
New Year's Day was released by someone with the pseudonym pr0x13 an iCloud account violating tool. The program was called iDict and essentially tested thousands of passwords automatically through a large list of frequently used words and phrases. His creator claimed that he could even access the security questions or the two-pronged identification process used by Apple.
The following day @pr0x13 wrote to Twitter that the security gap was corrected and iDict no longer works.
ICloud had been found a few months ago to target attacks, with many actors, models and singers claiming that their bills had been violated, resulting in the spilling of "spicy" photos.
Apple had then argued that leakage incidents were the result of targeted attacks and not of a security vacuum, of course not knowing how many bills were actually violated and how many celebrities exploited the noise created to come back temporarily to the news.