Nothing is worse than forgetting an important password. Except maybe forgetting all of your sign in credentials completely. Without the email address associated with your Apple ID, the account cannot be accessed. The good news is Apple makes it possible to look up a lost Apple ID. In the worst case scenario, finding a forgotten Apple ID takes trial and error.
A long time ago, the Apple ID was like any other username. But nowadays Apple requires all Apple IDs to be verifiable email addresses. Since everyone's Apple ID is an email address, many of these have been found in data breaches and leaked online. While your actual iCloud or iTunes accounts may not be compromised, the email address you use for your Apple ID could have leaked along with billions of other account records.
News stories of data breaches, stolen identities, hi-jacked accounts and other cyber-crimes are at this point no more odd than those of fires or car accidents - they occur on a daily basis and don't seem to have any end-all solution in sight, at least not anytime soon. Just as one keeps a fire extinguisher and wears a safety belt for prevention and protection, so should one use every available tool to protect against cyber-crimes. One of the simplest yet most effective tools that can beef up your online security and privacy is two-factor authentication, also known as 2FA.
Beginning on June 15, any third-party apps that use your iCloud account will be required to employ app-specific passwords in order to beef up security around your Apple ID. This includes any mail, contact or calendar services that use your Apple ID login to access your iCloud data, such as Microsoft Outlook, Mozilla Thunderbird, etc. On June 15, you will automatically be signed out of any apps that you are signed into with your Apple ID and you will need to create a password specifically for the app in question.
A group of hackers claims to have access to a large number of iCloud and Apple email accounts. Allegedly there are hundreds of millions of stolen accounts and passwords in the database, which media outlets have not been able to fully verify. Apple responded by confirming there have been no breaches in any of their systems. So where did the Apple accounts leak from?