Australian Apple users are encountering a pretty nasty problem: someone has got into their iCloud accounts and is locking them out of their devices.

The iCloud hack appears to be a case of people reusing the same passwords, and those passwords somehow falling into the bad guys’ hands – possibly because someone has broken into the user database of some ecommerce site or user forum, or because somebody with access to such a database has sold it on – and that’s enough to enable complete strangers to lock them out of their own hardware and demand a ransom to unlock them again.

If your iCloud account doesn’t already use a unique password and two-factor authentication, you could be next.