Recently we had reported that a group of hackers calling themselves the Turkish Crime Family has threatened to hack around 250 million iCloud accounts if they don't get the ransom amount from Apple. The hackers' group has allegedly demanded $700,000 million within April 7 otherwise they have said to begin resetting the the Apple accounts as well as remotely wiping off the data from the Phones. Although, it's hard to tell whether the threat is real but the best solution is to learn how to lock down your iCloud account, in case these hackers aren't joking.
The first step is to change your iCloud password, especially if you use the same password for other accounts as well. Make sure that you change your password into something that consists of 12-16 characters, numbers, symbols, upper and lowercase letters, and spaces. The longer the password is the better. Also, don't create a password that is too easy to guess, like your pet's name or own birthday or mother's name and so on.
To change the existing password, head to your Apple ID page, sign in and click Change Password.
Other than changing your password, next step is to setup Apple's two-factor authentication program. This way you can have an extra layer of security for your iCloud account and keep the intruders away from your account even if they have your password. By choosing this, no one can log into your account without submitting the confirmation code that will only come to your given contact details.
Legacy Apple devices that can't facilitate two-factor authentication for Apple ID because they're too old and can still use Apple's protection.
Finally, do use a password manager to increase the protection and create a perfect, unpredictable password.
Regarding the Turkish Crime Family's hacking claims, Apple has said, "There have not been any breaches in any of Apple's systems including iCloud and Apple ID," the company said in a statement. "The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services. We're actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved."
"If there was a breach or not, you'll have to wait and see otherwise it is empty threats and just allegations," says one of the hackers, which may be the best assessment of the situation yet. Just to be safe, go through the aforementioned steps and take precautions rather than waiting for your data to get lost.