“brute force password attack “
Which is easily stopped, and Apple didn’t stop it. Apple has extremely poor server software and security.
The real story here is that Apple is easily hacked and should never be used due to having poor system and software security. The sad thing is most people do not know that Apple iPhones and iPads by default copy everything to their cloud. Apple claims that is an “automatic backup”, when in my book it is outright theft.
The iOS setup screens tell them right up front that signing in with an Apple ID enables storage of their info on iCloud and allows the user to skip the step. Hard to see how yo can claim this is somehow kind of sneaky.
Apple's iCloud isn't the only online storage service that has had security issues - for example, Dropbox had a similar problem not that long ago. But because it's Apple, they get headlines. And while imperfect, I still trust Apple's commitment to customer security and privacy much more than Microsoft or the NSA's best friend, Google.