There are some quick lessons to be learned from the break-in of a journalist’s Apple iCloud account: segregate your Apple services and secure your e-mail addresses.
In its support forum, Apple explains how to separate an iCloud account, which covers services like Find My iPhone and online file storage, from an iTunes account used to pay for music, apps, books and other media. That way, both are not protected by the same password. Segregating the two involves creating a separate Apple ID, then going into the settings of each device and logging into iCloud with that ID. For iTunes, you would go into the Store settings for each device and log in with the Apple ID you use to buy media.
That is less convenient than using one Apple ID for all Apple services, which Apple actually recommends that you do. But it would help a little bit in the event of a security breach. If someone hacks your iTunes account to go on a shopping spree, he can’t also remotely erase the data from your Apple devices. And vice versa.
Another quick lesson comes from my colleague Nick Bilton, who recommends always using two-step verification with Gmail and other online services that offer it. With that setting turned on, a security code is sent to your phone and must be entered to log in.