Reportedly a bug called iBrute led to the manipulation of the storage service.
Apple is investigating the iCloud hack that resulted in leaking of sexually explicit images of celebrities like Jennifer Lawrence, Kate Upton and Kirsten Dunst.
Apple has not given any details about the method used for the attack, but according to reports a bug named iBrute was found in Find My iPhone service, the same bug allowed hackers to retype password innumerable times until they got the right one.
Usually services are locked after a user types the wrong password multiple times, but due to the bug the system becomes vulnerable to such attacks.
Apple spokeswoman Natalie Kerris said: "We take user privacy very seriously and are actively investigating this report."
Reportedly the hackers targeted individual systems and went from there, instead of hacking iCloud directly.
The reports also suggests that the compromised accounts did not use Apples two-step verification, where users have to type an additional numerical code, that is send to their phones to access their account.
Meanwhile the victimised celebrities and their representatives took to social media to express their anger about the reported hack.
A spokesman for Jennifer Lawrence said: "This is a flagrant violation of privacy. The authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence."
get a cbr Cyber Security weekly update
Unable to register now