Hacker Ryan Collins pleaded guilty to stealing a number of nude photos — including images of Jennifer Lawrence — from Apple’s servers, after getting snared by the FBI. In the process of the trial, it became clear that the hack didn’t involve Apple’s services being compromised through brute-forcing or password cracking, but rather that they were the result of social engineering, in the form of a phishing attack.
At the time when the images leaked online, rumors were running wild that Apple’s iCloud services had crumpled under brute-force password hacking attacks. Apple denied this, and claimed at the time that it was more likely to be a phishing scam. It is now becoming clear that this was indeed the case.