iTunes store account hacked

Yeah. It happen to me this morning. But they used the Texas Poker app. It is for free but the hacker used my credit (gift certificate) to buy ships to play. I never used to buy stuff from ITunes until I've got this gift and now is gone. I hope I can get it back.

Just e-mail Apple, because their phones are out during the weekend. Waiting for the results...

Et un de plus !

Des achats non autorisés ont étés effectués avec mon compte pour un montant de 48,77€ pour l'application Texas Poker v3.0.3 editeur: KAMAGAMES LTD.

Je me suis aperçu du piratage de mon compte hier, suite à l'envoi de deux mails de la part Apple :

"Chère/Cher JXXX GXXXX,

Votre identifiant Apple, XXX@XXXXXX.fr, vient d'être utilisé pour acheter « Texas Poker » dans l'App Store à partir d'un ordinateur ou d'un appareil qui ne lui a pas été associé auparavant.

Si vous êtes l'auteur de cet achat, vous pouvez ignorer ce courrier électronique. Il vous a été envoyé par mesure de précaution, afin de vous protéger d'éventuels achats non autorisés.

Si vous n'êtes pas l'auteur de cet achat, nous vous conseillons de vous rendre sur la page http://iforgot.apple.com pour modifier votre mot de passe, puis de consulter les informations se trouvant sur la page Identifiant Apple : conseils pour la protection de la sécurité de votre compte pour obtenir de l'aide supplémentaire.

Cordialement,

Apple"

Je me pose quelques questions:

1) Pourquoi autoriser un achat sur un ordinateur ou appareil non associé auparavant ?

2) Comment les hackers ont-ils eu mon mot de passe ?

3) Pourquoi Apple ne supprime pas l'application en cause, compte tenu des nombreuses plaintes trouvées sur les forums et articles ?

(iTunes piraté la contagion, Des comptes piratés en vente sur la toile, etc...,)

e-mail envoyé à Apple en attente de réponse ...

geez...very sorry this happened to you and all us other victims 😟 there is a lot of money being lost here....

I tried a couple things with my Apple Store and iTunes Store accounts and made a vid. So far the protection measure has worked, and I am back to being able to get my free updates for purchased or 'free music Tuesday' items. I dont know why Apple doesnt insist on this being the standard new default set up for all 'payment info' profiles, other than I guess they wouldnt want to have CC info depart their premises so to speak.

I have not tried the quick "input CC, purchase, logout/login, remove CC" practice I mention in the YouTube vid but I am sure it is better than relying on all the other forms of payment trust in the hands of Apple, considering they have all been fully abused. It seems the local Tv news station is getting into it with investigating the ripoffs and anger some of us locals are feeling, and I only hope this brings more heat pressure and attention to APPLE'S issues, not letting the Apple iTunes Support Email dept. keep blaming us.

I will post only the relevant instructional video link to iTunes:

Its 3 mins. long, the practical walk through is barely a minute and some of the total, and is at http://youtu.be/BQe7xJ7qZ14

Its too bad only the very small percentage of the ripped off people would know to look in this small discussion forum, and only after the attack, as opposed to someone taking precautions before they get hacked 😟

I just saw this thread.

I also today got hit with this crap. and the same App Kingdom conquest...

I checked the app out on iTunes, looks like many people are getting hit somehow and dinged by this app.

But it looks like i changed my password before my $49 iTunes balance was drained...

2 Hours AFTER i changed my password... Only using the new password once on my MBP to check the history and verify the credit still there... I get ANOTHER email from apple. Same story.

This time it's order and chaos... and drained my balance dry before my password was reset.

Sent two emails to Apple support, hope I can get my balance back.

I got robbed too! Had about $30 bucks in my a/c last week; only to discover yesterday I was down to $0.40. Some A*****e spent $29.97 on an "in-App purchase" after installing some game in Chinese that translates to "Romance of the Three Kingdoms".

It's ridiculous that accounts still get robbed even AFTER changing the password. I've tried to "Report a problem" to Apple but that link doesn't work! At least I have no credit card linked; so the damage was limited but I'm not redeeming any cards until it is clear that the accounts are safe.

This happened to me as well. Got the warning e-mails from Apple and checked out. Luckily I only had about $4 in my account (no credit card linked) and they only bought 2 apps of $0.99 each. Immediately changed my password and security question and contacted Apple to see about credit (I know, it's $1.98 but it's the principle of the thing). No word back yet.

I just got hacked! 100.00 withdrawn from my account...

Your Apple ID, xxx.xxx@xxx.com, was just used to purchase 明珠三国OL from the App Store on a computer or device that had not previously been associated with that Apple ID.

How do I get the charges reversed?

I just got hit by this.I check my email quite frequently so I saw the change in information about 5 minutes after it occured. At first I thought it might be a phishing scheme, as it directed to a different site, but then the purchases came.

It seems like it's been going on for a while, apple really needs to inform its users if theres such a massive breach of security!

Luckily i did not have my account attached to a credit card, but I lost $60 worth of GC credit I had bought and accumulated over the year, saving for apps for a new ipod touch. The thieves purchased the Order and Chaos app and then made a 56 dollar in app purchase. Leaving behind 3 cents. I changed my password, although I doubt that does much to portect the security, and emailed the situation. I also filed a complaint in the purchases through iTunes.

Not only is this fustrating, it seems like it's widespread. I'm really hoping apple fixes this unnaceptable issue and reimburses us for our losses!

-Update, I couldn't post this last night when I wrote No word back from apple yet and my balance is still a glaring .03cents

For my birthday, I got a $50 dollar iTunes card. I used about 10 dollars of it. The next morning, I checked my email, and see that 2 purchases from Texas Poker were made. Thinking my mom purchased a few apps, I went on with my day. Then, when I tried to make a purchase for another album, it said "Insufficent Amount" I then checked to see how much money I had left: 33 cents. Worried, I checked my mom's iPod. She doesn't even have Texas Poker on there. I told my mom what happened, and we called Apple, where we found out they can only handle this stuff on E-mail. We wrote Apple an email about 2 days ago, and its almost 3 days now. They said it would be within 24 hours. Should I send them another email? I really want my money back.

And this is why I'm really starting to think it's either an inside job, Someone AT apple selling/trading/leaking iTunes info to a bunch of scum. (Apple isn't immune to disgruntled employee's)

Or there is a security hole in either Apple's website, or iTunes itself.

I use Firefox.. i rarely fire up Safari so i don't think it's a safari.

As I stated earlier, I changed my password the first time at iforgot.apple.com, then entered the new password into iTunes to check the purchase history etc.

an hour after that... Password was changed again, and the $40 in purchases made.

I never put the new password in my iPhone, and honestly until about an hour ago... not on my iPad either.

outside of logging in here, I haven't used the new password outside my MBP. (on my iMac now) but still haven't used the new password in iTunes on my iMac yet. JUST the MBP.

As someone pointed out earlier, it could be phishing.. But i doubt it.

I got the 2nd email saying a free purchase has been made, right after the first saying my password was changed. And i did verify that purchase was made... All I had to do was see it was downloading to my iPhone as i read the e-mail. (app sync turned on)

Still no word from Apple.. Not looking good.

This isn't the case. coming from within apple people's account and credit cards are hacke dall the time. By many different things . I tunes will reply to you.If not call apple refuse to email anyone and demand they do a chat with itunes through that chat service (this is availabe you justneed to scream about it) your account is not very well protected if your getting hacked. password ect. But people are hacking people's account yes. How, we don't know. same way a credit card number gets hacked on the net. People are smart and getting smarter .

Would like to give an update to all here.

Little over an hour ago i received a response from Apple. They agreed i did not make the purchases, and will refund my account for the amount stolen in the next 3-5 days.

98% of my faith in Apple has been restored!

the other 2% will be when Apple figures out how this happened to all of us, fixes the problem, and those responsible are taken care of. 😉

So there is still hope for the rest of you.

"I hope that you will consider sharing your thoughts on the feedback page."

Frankly given the great hassle Apple gives you trying to get in touch with a real person over this matter and not some script-quoting East Indian emailer, I personally will not bother.

They didnt bother listening to my feedback saying how the new iMovie/FCP-X interfaces go against all UI that video editors around the world rely on and expect, and they didnt care when I mentioned the grey icon feedback in iTunes window (color was better, hands down). They ignored the immediate reactions to the hockey puck mouse too, until the computer line it was introduced with went through a major revision... If Jobs sets his mind on something, even in a market sector his company has NOTHING to do with originating (video editors/editing), then the official response will always be "tough, its this way now get used to it" even if its a bad idea or implementation. He expects the sector to follow his lead, not the other way around.

An update: the investigative reporter left not long ago and will be culminating her investigation on the 5 and 6 o clock news broadcasts. I seriously hope this raises the level of exposure to the problem but, after 3 years of steadily rising reported cases of fraud and abuse, I doubt very much it will have that affect. At the very least Apple should take responsibility for jeopardizing our credit card information indirectly as I have no doubt at all the operation is occurring on their end, not on the computers of Mac and Windows users around the world.

Be more communicative and responsive. And change the EUA to not isolate an abused account situation as the victim's loss and problem.

But thats pipedreaming...

Interestingly, the latest iOS 4.3.4 has the following inclusion:

"Re-introduced the ability to cancel and delete apps that are currently downloading"

..is this to allow us victims to stop Kingdom Conquest from continuing to download? I suspect so...

My store credit balance was immediately 'hacked' and drained hours after I logged off.

I believe that the hackers have gained access to the 'secret' pin numbers and are running computer programs to locate the ones that have been activated. I don't believe that very many cases involve actually using your password.

My account got hacked - they determined it was not me and credited the $ back. The problem is, no one will respond to my required e-mails that I need to send in order to get my account reactivated. They are holding a lot of users hostage by ignoring us and not giving us access to their legitimate $.

So sad that they say someone will respond within 24 hours. It's been days and nothing . . .

What's a good alternative to iTunes ? - they really have not earned my $ or my loyalty.