A number of iOS and Mac users in Australia are reporting a growing issue on Apple's support forums (via The Age) in which hackers are locking iPhones, iPads and Macs remotely through iCloud. Compromised devices are also displaying warning messages offering unlocks for money.
Member veritylikestea on Apple Support Communities:
i was using my ipad a short while ago when suddenly it locked itself, and was askiwhich I'd never previously set up. I went to check my phone and there was a message on the screen (it's still there) saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR to return them to me.
Member Sei_L on Apple's forums also reports a similar message:
Same things here, both Ipads got the "hacked by Oleg Pliss" message, both have passcodes. In Western Australia also. I've chatted with Apple Chat and they said "this is very serious." They've set up a phone call back from the correct department (whoever they are) tomorrow morning so we'll see what happens then. We can access the ipads because they both had passcodes but when an app is used, it comes up with GameCentre password request; we didn't put it in.
IT security expert Troy Hunt commented on the specifics of the issue, stating that the hackers are likely using compromised data exposed from recent security breaches to login to iCloud accounts. Hunt also notes that the accounts hacked were likely not using two-step verification, suggesting that a single password would have not had granted access had the feature been turned on.
Apple has yet to officially comment on the issue, although users are encouraged to turn on two-step verification for their Apple ID with directions available on a support page.