Security void at iCloud seems to have allowed would-be hackers to repeatedly try different passwords on the service users' accounts, without them being locked as usual, after a number of failed attempts. Thus, in theory, it was possible to access any account after a lot of effort and a strong dose of luck.
As protothema mentions, Apple addressed and fixed it immediately security gap.
New Year's Day was released by someone with the pseudonym pr0x13 an iCloud account violating tool. The program was called iDict and essentially tested thousands of passwords automatically through a large list of frequently used words and phrases. His creator claimed that he could even access the security questions or the two-pronged identification process used by Apple.
The following day @pr0x13 wrote to Twitter that the security gap was corrected and iDict no longer works.
iCloud was targeted a few months ago attacks, with many actresses, models and singers claiming that the accounts they had been hacked, resulting in the leakage of usually "spicy" photos.
Apple had then argued that leakage incidents were the result of targeted attacks and not of a security vacuum, of course not knowing how many bills were actually violated and how many celebrities exploited the noise created to come back temporarily to the news.
