2FA isnt infallible, especially if its only texting a code to a phone. See that shit today about the fake cell towers? Man in the middle baby
Also wasnt there an exploit in the find my ipone app that was allowing repeated icloud access attempts?
And definitely some social engineering going on or just pure stupidity. If you are famous and your password question is what school did you go to, how hard is it going to be for someone to google that?
|