A group called the Turkish Crime Family is claiming to have millions of passwords for Apple's iCloud, and is demanding Apple hand over money or it will delete the accounts.
Apple, while not saying what contact it has had with the group, issued a statement saying it doesn't believe its systems have been compromised. Instead, it suggests that any account information that has fallen into the wrong hands is probably the result of other well-publicized breaches and because people reuse their passwords on multiple sites.
The upshot: Use different passwords on different sites and, whenever possible use two-factor authentication. It sounds simple, but most people don't do it. And if you haven't done so recently, change your iCloud password.