Apple has acknowledged the Apple ID reset exploit we reported on earlier today and is currently working to resolve the issue. In a statement to The Verge, the company said, "Apple takes customer privacy very seriously. We are aware of this issue, and working on a fix."
The vulnerability, which was detailed step-by-step on a public website, allowed malicious individuals to reset an Apple ID password with only a user's date of birth and email address. Doing so would essentially grant the perpetrator full access to your iTunes account, iCloud email, and other sensitive data. The company promptly brought down its iForgot password reset tool soon after we informed them of the hack, though it isn't yet providing a timeframe on when that service will be restored.