Marko Karppinen, an ADC Premier member, iPhone developer, and user like the rest of us, had his personal information released by Apple to an unknown third party, simply because of this one-line email:
am forget my password of mac,did you give me password on new email marko.[redacted]@yahoo.com
Apple -- apparently with no additional research -- reset Karppinen's password, and changed the email address on the account to the perp's. As a result of the login change, the perp had access to Karppinen's credit card details, developer software seed key, and the contents of his iDisk.
Karppinen, understandably, was livid, and sent ADC an email about what happened. A team lead from ADC's European support organization contacted Karppinen, apologizing for the mix-up. The rep promised to find out (from Apple's own logs) what information was compromised.
Apple has so far not commented on the incident, outside of what Karppinen says the ADC rep told him. It's unclear what Apple will do in the future to prevent this from happening again.