Skip navigation

iTunes store account hacked

664801 Views 1,941 Replies Latest reply: Apr 20, 2014 10:42 AM by Chris CA RSS Branched to a new discussion.
  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    Jul 13, 2012 10:50 PM (in response to stereocourier)
    MacBook Pro, Mac OS X (10.7.1), Windows XP SP 3, Ubuntu 11.04
  • trailbossc Calculating status...
    Currently Being Moderated
    Jul 14, 2012 8:06 AM (in response to transmogrification)

    Thanks for that link, transmog.  Carlo or Tunesfan, care to comment on this part?

     

    Macworld also chatted with Borodin, who noted that he can indeed see users' App Store account names and passwords, as they are transmitted in clear text as part of the In App Purchase process.

     

    Is your stance still that we have all been phished or have malware or are just general morons?

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    Jul 14, 2012 1:35 PM (in response to trailbossc)

    Let's not forget Apple's prompt addressing of this issue. Apple is doing something:

     

    http://www.loopinsight.com/2012/07/13/apple-responds-to-hacked-in-app-purchasing -system/

     

    Let's also remember this App Store hack only affects those who willfully take part in this scam to obtain in app purchases for free. Honest users shouldn't be affected by this scam. Real app software developers are the ones being hurt here.

  • Paula_R Calculating status...
    Currently Being Moderated
    Jul 15, 2012 7:11 AM (in response to transmogrification)

    Wait a second here.  Perhaps the thread has morphed since I last checked in.  Apple passwords were stolen from Apple's servers, and as a result, apps that were never purchased appeared on iPhones and accounts were hacked.

     

    Apple has NEVER responded in any way to this issue and it has been going on for more than 2 years, reported in USAToday, the NY Times and other places.

     

    I'm glad if Apple has addressed some new issue, but as far as I can tell it has never owned up to the fact that its system was breached. The comments on the original issue seems to have wound down to almost zero, so I assume it was quietly addressed.  But to say that anything was "prompt" is disingenuous.

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    Jul 15, 2012 7:45 AM (in response to Paula_R)

    "Apple passwords were stolen from Apple's servers, and as a result, apps that were never purchased appeared on iPhones and accounts were hacked."

     

    Anyone can sign up and post to these community support forums and make any claim they want. Do you have any actual proof of your claim? 1000 pages in an open uncontrolled forum isn't actual proof of anything.

  • TunesFan Level 1 Level 1 (10 points)
    Currently Being Moderated
    Jul 15, 2012 6:29 PM (in response to trailbossc)

    I left my thoughts at MacRumors, but yes, I'll comment here too.

     

    If a user decides to install deviant files that redirect to an unknown, non-Apple resource, to steal.... yup....morons indeed.

  • zerg1234 Calculating status...
    Currently Being Moderated
    Jul 15, 2012 6:56 PM (in response to TunesFan)

    The reason I used the iTunes app store was because I thought Apple had excellent quality control.  I expected them to protect their users from bad apps.  I stopped using the app store when I was hacked because I realized this was not true.  Call the customer base morons all you like, by all means blame the victim.  Understand that it's a free market and most people aren't morons, once hacked you move on to a different marketplace.

  • Paula_R Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jul 16, 2012 4:08 PM (in response to transmogrification)

    Mr. Transmogrification, I hope you morph into a more respectful state soon...but...

     

    Do I have any proof?  Of course I do - well, let's call it inductive proof.  I was at a party and an app that I never purchased showed up on my iPhone.  When I got home, I received a note from Apple that my account had been accessed by an unauthorized device in China.I had installed no deviant files, no "secret way" to download free apps...and truth be told, I'm an old broad without the patience or interest to do something like that to save 3 bucks anyway.  If you read through the 1700 some-odd posts on this forum, you'll find some very common features and some very un-common features.

    •   we dont use the same devices
    • we dont use the same OS's (I just posted here because it was the first place I found when I googled up "Apple Hack"...I actually am a PC user).
    • we have varying degrees of technical expertise, from very little to very much.
    • some had gift cards, some just had vanilla purchases.

     

    I dont know who you are or what you do for work...I do know myself though.  And there is ZERO doubt in my mind that this was a server based attack.  We just don't have enough similarities for it to be otherwise.

     

    Peace.

  • Paula_R Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jul 16, 2012 4:10 PM (in response to Paula_R)

    PS  Calling this a "prompt" response to the situation is ludicrous.  This has been a documented series of event since late 2010.

  • Chris CA Level 9 Level 9 (73,410 points)
    Currently Being Moderated
    Jul 16, 2012 8:13 PM (in response to Paula_R)

    Paula_R wrote:

     

    PS  Calling this a "prompt" response to the situation is ludicrous.

    No it's not. You need to read what transmogrification was responding to.

    This has been a documented series of event since late 2010
    transmogrification was talking about Apple's prompt response to the very recent hack for in-app purchases.

  • Paula_R Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jul 17, 2012 6:22 AM (in response to Chris CA)

    Fair enough. 

     

    He was, however, also disputing the notion that Apple's servers had been hacked.

     

    I stand by that.

  • TunesFan Level 1 Level 1 (10 points)
    Currently Being Moderated
    Jul 17, 2012 7:10 AM (in response to Paula_R)

    In response to Paula,

     

    1. It's not possible that an app was sent to your phone from china.. *a human being has to tap to install or already be signed in on your phone--that's a simple fact. The other option is that your account was taken over, someone bought the app, then because you were signed in at that party, it downloaded to your phone like its supposed to.

     

    2. Apple wouldn't send you a note to say your account was accessed from China. Also, if you got that email please post it so I can help ID it as a phishing email and the rest of us know what it looks like.The one apple would have sent would say:

     

    Dear  Paula,

     

    Your account was recently accessed by a new device to purchase (insert name of Chinese app)........... Then it would go on to say change your password.

     

    If the email you got specifically named china it wasn't from apple.

     

    3. If someone's Vanilla Visa got ripped off that's sad; check out the terms......those aren't accepted anyway.they aren't real credit cards. By adding one a user ends up ripping off Apple.

     

    Anyway, there is no attack on servers and never was--there is and always will be attacks on accounts. Your passwords will be jacked by you falling victim to phishing, malware and all that good stuff. If you want to avoid that, then educate yourself instead of pointing fingers at Apple.

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    Jul 17, 2012 8:12 AM (in response to Paula_R)

    Paula. I disput your notion that Apple's servers have been hacked, because there is no proof of that. You state it as if it is common knowledge. It is not.

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    Jul 17, 2012 11:05 AM (in response to Paula_R)

    Paula_R wrote:

     

    Mr. Transmogrification, I hope you morph into a more respectful state soon...but...

     

    Do I have any proof?  Of course I do - well, let's call it inductive proof.  I was at a party and an app that I never purchased showed up on my iPhone.  When I got home, I received a note from Apple that my account had been accessed by an unauthorized device in China.I had installed no deviant files, no "secret way" to download free apps...and truth be told, I'm an old broad without the patience or interest to do something like that to save 3 bucks anyway.  If you read through the 1700 some-odd posts on this forum, you'll find some very common features and some very un-common features.

    •   we dont use the same devices
    • we dont use the same OS's (I just posted here because it was the first place I found when I googled up "Apple Hack"...I actually am a PC user).
    • we have varying degrees of technical expertise, from very little to very much.
    • some had gift cards, some just had vanilla purchases.

     

    I dont know who you are or what you do for work...I do know myself though.  And there is ZERO doubt in my mind that this was a server based attack.  We just don't have enough similarities for it to be otherwise.

     

    Peace.

    Paula R, can you ensure that every post in this forum are claims of servers being hacked? No, and assuming so is wrong.

     

    Paula, you should be more respectful of the Apple Support Community forums here. This thread is for Mac OS users with iTunes accounts that have been hacked.

     

    If you are using a different OS, such as a PC with Microsoft Windows, you are free to post in this section:

     

    iTunes for Windows

    MacBook Pro, Mac OS X (10.7.4), Windows XP SP 3, Ubuntu 11.04
  • Paula_R Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jul 17, 2012 12:38 PM (in response to transmogrification)

    Wait.  First of all, as it turns out I have a Mac too.  A very lovely Macbook Air (can I join the club, please, pretty please?  I've got an iPhone too.).  But all of that is irrelevant.  What matters is that people with all sorts of devices from all around the world are reporting similar scenarios. And since account access is on "unauthorized devices" I stand by my contention that it's irrelevant.

     

    For what it's worth, Trans, I did a lot of research on this problem because along with being punished by it, I wrote about it.  And I read an awful lot of these posts.  If you take the time to troll through, you'll find I first posted my problem quite some time ago.And you will indeed find a thematic link with MOST (not all) of the posts.

     

    So absent any other coherent theories, I stand by mine. Of course there is no proof.  That's because Apple has been far less than forthcoming on the issue at hand. 

     

    Also, to be more clear, I am definitely not a Windows bigot.  I believe I have bought my last Windows PC.  Still, I wish Apple had been more forthcoming beyond telling me "my account had been accessed from an unauthorized device" and then created a far more complex password scheme.  Somewhere back in this thread, another person posited the theory that Apple's encryption algorithm had been - what's the word - decoded?  Broken. Hence the new requirement for a very, very stringent password scheme.

     

    Anyway, life is short.  I'm not gonna argue with you. And I'm standing by what I said.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (39)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.