Apple is in the hot seat after the nude photos of 100 or so female celebrities were apparently stolen from files stored in its iCloud service. Apple’s iCloud service allows users to store photos, media, documents, and other content in the cloud, where they can then access it from any Apple device. A statement from Apple stated that only individual celebrity accounts had been compromised during the security breach. Several celebrities have been confirmed as victims of the attack, including Jennifer Lawrence, Kate Upton, and Kirsten Dunst.

Apparently, the flaw in the system was in the security questions asked by the website to verify that you are the account owner if you have forgotten your password. Because high profile celebrities often have hundreds of interviews and articles filed online examining every aspect of their lives, it is fairly easy for a hacker to do a search of the celebrities’ information that will give them the information they need to guess the answers to these questions. Some of the default security questions for the iCloud service included “What was your childhood nickname?” and “Who was your best friend in high school?”

The standard security questions have been blamed as a weak point in the security systems of web based applications before. College student David Kernell was sentenced to a year in prison in 2010 after being found guilty of hacking the email account of Sarah Palin by guessing the answers to her security questions. Christopher Chaney was sentenced to 10 years in prison that same year after using publicly available information to guess the answers to celebrities’ security questions and posted nude photos of Scarlett Johansson on the web.

The hacking disclosure comes at a tough time for Apple, with the new iPhone set to launch in the next few days. The Federal Bureau of Investigation has reportedly started an investigation into the security breach.