Re: More involved than article suggests.
Or that said users were syncing their phones with a Mac/PC with iTunes, and that itself was 'backing up' to iCloud - or a similar setup where iCloud was the last step in the line.
IE I set up a system where a user wants to show their pictures off, so they transfer the images to their computer, they work on the images on the computer, and the finished images are sync'd with iCloud so they can show them off on the tablet (as it autosyncs to the camera roll I think - I forget the details, but it worked, that's the main thing).
So they could be taking the pics with a point and shoot camera if they want, but if they end up in the default photos library, and iCloud sync is switched on, then they're vulnerable to iCloud hackery.
So someone using a Blackberry, syncing the photos to a default photo locale, which is the same place iCloud syncs from, and bosh, it's in iCloud.
Still not seen huge details on how the hack was performed - have I skim read too much? Was it really a bruteforce on the API? Seems too easy...