Although so far we have not heard of any hacker or hacker team that would have managed to compromise Apple's iCloud servers, several users reported on the company's forums that their Apple IDs had been compromised. It seems that the hackers managed to access the accounts of those users and used the emails of some to send spam messages, but only to the contacts synchronized with iCloud. A user claims that he had a password consisting of 15 random letters and claims that without entering it on any phishing website he noticed that from his email address @ me.com spam emails were sent and he did not do that.
I just received a bunch of emails from my friends saying that they got a spam email from my "me.com" account address.
This happened to me too about 30 minutes ago. I never use my @me email for anything, and I guarantee someone didn't break into the account by guessing my password (or brute force methods) – it's a pseudoly randomly generated string of 15 numbers, letters (upper and lower case), and symbols (I worked in IT for many years and am perhaps overly zealous about password security, which makes memorization a real pain). I'm worried that Apple's iCloud servers themselves got hacked, as I see there are a few other people on the forums who are reporting that their account was used for spam in the past few hours.
Exactly the same thing happened to me as well. It sent out a bunch of spam mails to people in my address book via the me.com mail – including my own gmail account. Funny thing is I have never used it. I have been logged in to me.com/iCloud only once I believe, and that was last summer.
Everything happened yesterday and for now few people support that their iCloud accounts had been compromised, and Apple, of course, had absolutely nothing to comment on. iCloud servers have proven to be more than safe from hackers until now, but maybe someone managed to overcome the security measures of the Cupertino company. This is the website to which emails are sent http://brighteam.com/fastmoney.php?ocfortuneid=fougo , none of the users admits that they are guilty of compromising the account and probably in the coming days we will find out what answers they all received from Apple.
