iCloud did not get hacked, says John Pesctore, whom I'm lucky enough to work with at SANS Institute (where he is director of emerging trends and I am chief of the SANS Analyst Program). He also reminds us NOT to use the same passwords across our many online accounts in the below message he sent around to our team:
"There's been press coverage about a hacker group threatening to release "hacked" iCloud/Apple ID username/passwords. Neither Apple or iCloud has been hacked, but previously Yahoo and LinkedIn have had all of their user accounts hacked - and the attackers are finding LinkedIn/Yahoo accounts that use the same username/password on iCloud.
So, if you had a LinkedIn or Yahoo account that was hacked, and use the same password on iCloud, you should change your iCloud password. In general, you should change any account where you used the same password that you were using on LinkedIn and/or Yahoo.
Apple is being very careful about password resets right now, so you might run into a lengthy verification process, but if you were using the same password as on LinkedIn/Yahoo, better to go through it."