So if you’re a celebrity (or, well, anyone, really) and you want to make extra sure that people aren’t able to easily access your personal data, it’s a good idea to make your password and your password reset hint something that’s really obscure. Ideally, it should be something that only you would know.
It seems a few ne’er-do-wells from the popular site 4chan were able to get into Hayek’s MobileMe account simply by looking up her birthday from her entry in Wikipedia and guessing that her favorite character (the password hint) was “frida,” as in Frida Kahlo, one of Hayek’s most famous roles. From there, it was a simple matter to change the password to something new and then access the actress’s personal information, including her e-mail, calendar, and even data about what software she’d downloaded to her iPhone.
What do we take away from this? Well, it would be nice if Apple made its password reset process a little more robust. But the company is hardly alone in this department. In this kind of scenario, it’s always going to come down to the individual user to make sure that their information is protected.