Apple knew of iCloud security hole 6 months before Celebgate
..
The emails, obtained earlier this month by the Daily Dot and reviewed by multiple security experts, show Ibrahim Balic, a London-based software developer, informing Apple of a method he’d discovered for infiltrating iCloud accounts.
The strength of Apple’s security came under fire earlier this month after hundreds of celebrity nude photos, allegedly stolen from iCloud servers, flooded the Internet. While the exploit Balic says he reported to Apple shares a stark resemblance to the exploit allegedly used in the so-called "Celebgate" hack, it is currently unclear if they are the same vulnerability.
In a March 26 email, Balic tells an Apple official that he’s successfully bypassed a security feature designed to prevent “brute-force” attacks—a method used by hackers to crack passwords by exhaustively trying thousands of key combinations. Typically, this kind of attack is defeated by limiting the number of times users can try to log in.
Balic goes on to explain to Apple that he was able to try over 20,000 passwords combinations on any account. “I would like to inform you for it to be fix,” he wrote. (Editor’s note: Balic’s emails were written in English, which is not his first language.)
http://www.dailydot.com/technology/apple-icloud-brute-force-attack-march/
..
= new reply since forum marked as read
this will not go well for Apple, if proven to be true.
I see a large number of lawyers in their future.
A better security for the cloud. Overall, I like the idea of the cloud to keep items on that are accessible at anytime regardless of switching to a new computer and not having a portable hard drive that may not be access able to future computers. However, I would never put personal information and especially financial items on a cloud. And for nude pics of me....the last thing I would want to do is scare the poor little hacker. 
