This morning speculation came to a close as third-party email client Spark confirmed that an upgrade to faster servers for iCloud users on the platform triggered the issue and forced password resets in a collection of Apple IDs. The company mentioned that it has been preparing to launch Spark for Mac, which was the reason for the faster server upgrade, but now promises that "there's NO breach or data leak" that users have to worry about.
Readdle, the creators of Spark, reiterated what it tweeted out throughout the morning in a post on Reddit.
Hello guys,As some users have noted, the security problem didn't hit all Spark users who use the service with their iCloud account. The company said that it's working with Apple to get the issue fixed as soon as possible, but it seems that users affected by the security lockouts need not worry about malicious attempts at entry into their private Apple ID at least. If Readdle posts any more updates on its fix for the problem, we'll update this story as well.
Thank you for the feedback and comments! Our team has been investigating this for a few hours. What we know so far: 1. There's no breach or data leak according to our investigation. 2. The new, faster AWS server logic might have triggered iCloud security algos. We are already working with Apple to learn more details. We are doing some server side work to make Spark much faster, and to make it ready for the Mac version, which is already in Alpha. We will keep you updated once we have more news from Apple side.