iTunes store account hacked

Well, Apple just reenabled my iTunes account. They made me change my password again for the third time, but I'm back in. So I was only locked out for 24 hrs, but that's still unreasonable for a service that many have begun to consider a basic utility, like cable TV. If Apple expects us to live our lives in an iTunes/iCloud world, they'd better figure this out. Bottom line: if it happens again, I'm gone. Meanwhile, until my credit refund shows up in my account again, I won't be making any iTunes purchases. So it's Apple's loss, not mine.

Good luck, folks.

An update on how the interaction with Apple ended;

Jun 8th Stolen credit refunded & Account disabled (awaiting security email)

Jun 11th I sent in answers to qwuestions & account was enabled and I had to change password again

After reading comments from others in similar situations my faith in the security of the iTunes store is diminished. Expect I won't apply I tunes credit to the store in future until I have enough on the wishlist to use it up immediately.

Mine happened oddly, So tuesday I get a msg after my late class (around 10pmest +) "log on computer to download apps" or something similar. I didnt think much of it. I thought it was just some odd error. Today I get this email.

Baseball Superstars® II Pro, v1.0, Seller: GAMEVIL USA, Inc. (4+)	GAMEVIL Inc.	App	$0.99
全国交通酒店查询(超级6合1), v5.0, Seller: heww hggg (4+)	Creative Mobile	App	$2.99
Traffic View 2010, v2011.2, Seller: Chris Oklota (4+)	Chris Oklota	App	$0.99
Well luckily that was it and I changed my password, called them and they said I would get an email in 24hrs which I suppose will arrive tomorrow sometime. It seems as if this goes along the scheme of people buying "hacked accounts" and just randomly downloading. Some decided to get as much as they can, while others are not aware of the service they just purchased and that if they dont get their 24hr worth of downloads the actual owner will can the account. (From what I have been reading online and interviews with these sort of companies) At not point was my information given up through anykind of phishing or false emails/log ins. All I do all day is look at a single forum (where my pass and email are different) check my emails, and use my pc to watch movies. Nor have I entered in my log in/password since nov during my last app purchase and today to change my email. Even though guessing our passwords might be "tough" keep in mind there is a easy method to log in your account by answering lets say your fathers middle name. Well the list for that is A LOT shorter than the combinations we use today as our passwords. There for it is very easy to use brute force to access accounts that way, with no password change. I had 25 in credit froma gift card

And add me to the list of victims too.

Yesterday two transactions took place on my iTunes account, totalling £24.56 for the same app 3 times. At the time of the transactions the iPad was in my handbag and I was in a shop paying on a credit card for something so I have a time stamped receipt. The iPad was switched off. Nobody has access to the devices linked to my account. My device didn't ask me for a password to authenticate entry to the iTunes store, the device isn't showing that I'm waiting to download the app in question. But my iTunes account is showing it as pending download.

The app is Kingdom Conquest and both the game and several topups have been authorised in total, the subsequent ones are shown as in-app downloads. If the app isn't on my device how could I order topups too?

HOWEVER now that I think about it I can also recall I've had a couple of instances when I've had my Apple account security reset and I've had to log back into the account. I'm now wondering if somebody has been trying to hack my account for a few weeks - the first time it happened was about 3 weeks ago and again about 10 days ago - and finding that I had no credit card details saved they weren't able to take anything off my account. Till I paid for an iTunes card and put £25 onto the account last weekend. Now most of that has gone and despite an email to Apple support about 16 hrs ago I've had no response other than the auto-reply to my inbox.

I'm just thankful that I didn't have a credit card stored on the account. This is my first experience of iTunes and I'm really not impressed.

Annierob2004,

Don't beat yourself up. You didn't do anything wrong. This wasn't the result of some virus, maleware, or keylogger on your computer or iOS devices.

Look through all the messages and do some googling. It seems the majority of people had these purchases made soon after gift cards were added to their accounts. This is clearly an Apple/iTunes problem.

It took about 48 hours for them to reply back to me, then another 24 hours till I got my credit back. They will get back to you. Judging by the amount of new reports about this problem, I imagine they are busy! =)

Although, it would be nice if they actually fixed the problem instead of only giving back money. I have no faith in their upcoming iCloud due to all of these problems.

Thank you! I'm new to Apple really as I've only had my iPad for about 6 weeks (though am totally addicted already!) I'm just glad I can prove where I was thanks to my cash receipt at the time of the transactions. But as you say it's very worrying, makes a mockery of all the so-called encryption of the device really!

I've got a variation on the theme... had a gift card remainder of $14 on my account for months (no credit card thank goodness).

Yesterday I got an email receipt for an iPhone app that I never purchased. Interestingly enough with the new iCloud syncing I found it in the list of apps on my Mac... there's now a remainder of less than $1 on the account.

I went to change my password and found my account locked... went in and answered my security questions and changed the password and got in. I'd like to change the security questions as well, but can't figure out where.

I wrote to Apple for a refund yesterday and am awaiting a reply.

After you've changed you password, go to "Manage My Account," sign in, and choose the "Password and "Security" (or "ID and Password") tab. This should take you to the place where you can change your security question.

I'm running iTunes 10.3.1 and for the life of me can't find any reference to either "Password and Security" or "ID and Password"... Do I have to have JUST changed my password or will I see this at any time?

same problem here, account topped up another $30 last week, today when i triedd to buy something only 50 cents left.

3 downloads for some Kingdom conquest game, which i never downloaded. sent emails to apple and change password and security question. No reply yet.

anyone has any luck with apple crediting back the money? very mad.

I had a reply back from, Apple this morning to say they had disabled my account and would be crediting me back the full amount. Just to prove how rubbish the system is there was even a further attack on the account while it was disabled - before I reset the security!

I have now changed my email address to one just used for iTunes & Apple, changed my login and password. Yes in theory I have got my money back but it's not in the account yet and I don't honestly trust it to stay there once it returns.

And yes it's Kingdom Conquest that's the culprit. There must be a way to block an app surely? It's showing that I'm ready to download it on my iTunes homepage so right now I'm not going to connect the iPad to the laptop at all until the problem has been solved!

Here was the response I had gotten guys, I called them and they said they forwarded it to whatever department. 48 hours later I get this email which makes no sense.

KEEP in mind I did not remove my credit card from anything, so if it was removed I sure as you know what didnt do it.

Dear Brian,

Thank you for contacting iTunes Store Customer Support. My name is Chand. I am glad to assist you today.

Please accept my apologies for the delay in responding your email, as we have been receiving higher volumes than usual. This is certainly not the customary time for a response and your understanding is greatly appreciated.

I understand that you are concerned about the order "MGQMWN7HMW" not being charged to your credit card and was charged to Store credit. I know how eager you are to know about it and it will be my pleasure to assist you today.

Brian, I checked with my resource and noticed that currently there is no credit card associated with your iTunes account as it was removed from your account on 06/15/2011.

I also would like to inform you that if there is a store credit balance on account then, by default it is used for any purchases. So any items purchased on this account will be charged to the remainder of the store credit until the balance reaches $0.00. If a purchase exceeds the amount of the store credit, the balance wilt be charged to the credit card is there is any on account.

I hope you find this information helpful. I would really appreciate if you do let me know how it goes.

I value your time and patience and I regret for all the inconvenience caused.

Have a good day!

Sincerely,

I just got a reply from Apple using the same apologetic language for the delay in replying. The agent said they would credit me the amount of the hacked purchase and that my account was being locked and if I provided them with some information they would investigate unlocking it. (I had told them that I had already changed my password in my original email to them).

I did provide them with the info they asked for, and also discovered that the account wasn't locked!

We'll see what develops... And I was not a victim of "Kingdom Conquest" but a Chinese based app: "798ArtZone"

I got hacked for $50.00, my credit card info was removed. I sent an email to Apple. Waiting for response. Whoever got me, bought the ussual poker stuff from gameislive but also bought some weird crap like a menstual cycle tracker app.

Like so many of you my iTunes a/c was hacked into (22/6/11) with a rogue Kingdom Conquest purchase.

Interestingly, my daughter has been using iTunes successfully for the last few years accessing it via her PC. I have just upgraded my mobile to an iPhone in the last 10 days & have used it to access the same iTunes a/c. So, I'm wondering if the issue of hacking is linked with my iPhone usage? This seems too much of a co-incidence!

During the days when I started using my iPhone I also received several Apple emails asking for me to unlock the a/c...was this a sign that my a/c was being attached?

I have now emailed iTunes with the details of the hacking. Will be interested to see what their response is & if my a/c is refunded.

Wondering if/when I should change my iTunes password...any advice anyone?