Everyone's focusing on the security of the password and iCloud, but I just wanted to take a second to say: fuck who did this. Yes he should have backups, but erasing someone's things is such a juvenile thing to enjoy.
Edit: Surprised to see Cloudflare is proxying their website. I understand wanting to be impartial, but I think it's fairly easy to draw the line at groups breaking the law.
erasing someone's things is such a juvenile thing to enjoy
I don't know what part of the world you're in, but here (in the UK) it'd actually be a criminal offense carrying a multi-year prison sentence under the Computer Misuse Act.
I'm wondering at what point the police or law enforcement get involved in the US?
This is the only case I can think of where non-classified information leaks were prosecuted: http://en.wikipedia.org/wiki/Sarah_Palin_email_hack (There are probably more, but I can't imagine any would actually disprove my point.)
Usually the FBI is the agency that you go to with this stuff, and they usually don't help unless you can claim X hundreds of thousands of dollars in losses. Basically, they only care about rich people and corporations. Hackers are given a blank cheque so long as they only do small amounts of financially quantifiable damage.
As with so many other things in the United States, it is de facto only a crime if it happens to someone rich or well-connected. Mr. Honan is probably on the bubble, there. If it happened to me, a no-namer with skimpy assets, the thought of the FBI getting involved would be a punchline.
I'm sure most feel bad for the guy, but although the hacker's actions were malicious, that doesn't allow the victim to just get off the hook for having a silly password - if that was the case.
Edit: Surprised to see Cloudflare is proxying their website. I understand wanting to be impartial, but I think it's fairly easy to draw the line at groups breaking the law.