iTunes store account hacked

yet another person being hacked. i woke up this morning to find some emails saying that i'd purchased KingdomConquest and some in app purchases during the night on a different device. Waiting to hear back from apple but have changed my password and now feel very paranoid about the info i give apple. SOmeone needs to feature this story to get it some press attention then Apple might do something to protect it's "clean" image. I'll be emailing all the techie blogs i subscribe to!

Another victim here. I just got an email this morning informing me that someone had made made an in-game purchase in the app "明珠三国OL", so there's $10 gone from my account (unless I get a refund). I've changed my password and security question, but I'm still pretty glad that haven't got my credit card info submitted to my apple id.

You'd think there'd be some form of region locking or authentication - how would a Canadian resident suddenly be buying apps from China? Maybe Steam has just spoiled me for good account security.

it looks as though it is only effecting those people who have gift card credit on their accounts. Correct me if im wrong but there must be something (at least) stopping them from using the card details saved on the account. They just end up getting cleared like mine did, but they didn't spend any money on my card, just nicked all my gift card credit!

I didn't have a gift card attached to my iTunes account, although it was set up to pay by Paypal. In a way, this seems easier, since I don't have to worry about Apple taking forever to refund my money; Paypal already has.

The saga continues, my lates response to Apple/Itunes.

Amadeus,

It is fast approaching 2 weeks since Apple allowed a security breech and my account was compromised, accepted about a week ago a credit appeared on my account but this is worthless if my account has been deactivated.

How can it possibly take this long to rectify this problem?

I have re supplied all the information you have requested and still I cannot use my account.

You will appreciate that this has occurred through no fault of my own, the responsibility for this breech sits squarely on the shoulders of Apple/Itunes and yet the response is both tardy and disjointed.

Will you please activate my account and fix your security problems.

Steve

This really has made up my mind, before this problem I would have advocated the Apple product but now I don't really want to pick up my IPhone or Ipod, this has left a bad taste in my mouth. I accept that Apple have a major security problem but the attitude and response time is rubbish, coupled with the lack of telephone or text chat facility it makes this kind of problem a nightmare, I would have thought that Apple would appriciate their clients much more than this. I know Android is not as polished as Apple but I am never again going to purchase another of their products and I will relay my experience everywhere the subject arises.

Bye bye Apple...

ok so today i looged on and my Itunes account had been disabled. So i changed my password and hey presto i had my money back and had to authorise my machine again. but no reply from apple. It seems they've given up relplying to emails and just resigned to giving refunds. At least I've got my moneys back....now to spend it before it happens again!

I'm a staff writer for Macworld. We're prepping a story on this gift card issue, and would apprecaite hearing from an affected user or two who's willing to speak on the record and for attribution. (That is, "John Smith, an iTunes customer from Nebraska, told Macworld...")

Interested?

Email me: lfriedman, at macworld.com.

Thanks.

Just an update to my situation, after using ExpressWay on the Apple site, within 48 hours I was reimbursed the transaction (this included them disabling my account and asking for verification information). By the time I had re-enabled my account, they credited me the stolen gift card just in time to purchase Lion! Overall, I had a very good support experience regarding the unauthorized transactions.

My account got hacked too! I lost 11.19 of the $15 gift card my aunt gave me. This happened days after I reactivated my itune store account. I was so mad until I found this forum and found out that refund is actually possible. What email should I contact apple with regarding this issue?

Also i've got several mails today in the morning, that some orders where made by my itunes store.

all buyed apps are from KAMAGAMES LTD ... Chip15M, Chip150M, Chip150M and some Texas Poker PRO...

all in all there's are a amount of 211 EUR

I have deaktivated all Computers in iTunes and reset the Apple-ID Password... but what can i doo since?

Before heading to bed tonight, I saw a few e-mails from Apple verifying my recent purchases on iTunes. I hadn't ordered anything recently from iTunes. I lost about $74 in GCs from my account - ERRRRR.

When I launched iTunes to verify my account balance, over 150 tracks of music began downloading to my library...I paused all the downloads, got right onto apple's site, and changed my password.

I also had an e-mail saying:

"iTunes Store has cancelled a Billing Agreement with you.

Description: iTunes Music Store purchases.

To manage your Billing Agreement, log in to your PayPal account, go to your Profile, and click My money. You can choose your payment method and, if you wish, cancel your Billing Agreement in the "My preapproved payments" section..."

And another:

"Hello,

The following information for your Apple ID xxxxxxx@xxxxxxx.com was updated on 08/19/2011:

Shipping and/or billing address
Credit card
If these changes were made in error, or if you believe an unauthorized person accessed your account, please reset your account password immediately by going to iforgot.apple.com.

To review and update your security settings, sign in to appleid.apple.com.

This is an automated message. Please do not reply to this email. If you need additional help, visit Apple Support."

And a third:

"

Dear xxxxxxxxxxxx,

Your Apple ID, xxxxxxx@xxxxxxx.com, was just used to purchase The Matrix (Music from the Motion Picture) by Various Artists from the iTunes Store on a computer or device that had not previously been associated with that Apple ID.

If you made this purchase, you can disregard this email. This email was sent as a safeguard designed to protect you against unauthorized purchases.

If you did not make this purchase, we recommend that you go to iforgot.apple.com to change your password, then see Apple ID: Tips for protecting the security of your account for further assistance.

Regards,

Apple"

I have since reset my iTunes password and e-mailed them via the Express Lane page posted earlier in this thread. This is so maddening! I'm just glad it was GCs and not a credit card on file.

Where is this security breach???

I've just had the same problem! 1 x Pearl-in-Palm app purchase, and 2 x Pearl-in-Palm in-app purchases... all three off my gift card, and all three were stupid chinese apps. The REPORT AND PROBLEM link wouldn't work on the purchases so I called Apple Support. They directed me to the Express Lane email adress and advised I should get a full refund of purchases and a response withing 24 business hours... bring on Monday!

Seems like this problem is alot worse than I realised. Wake up Apple...

Last night, Aug 20 2011, I was informed that my current password was no longer valid and that I was adviced to change it. I changed my password and thought that it was odd but I didn't mind any of it. This morning, when I signed in to my itunes store account, I was shocked to find that my credit balance was only $0.10 when I clearly remembered that yesterday it was still $35.08.. I refreshed the page thinking that maybe it was just a glitch or something. Then I found out that I APPARENTLY made in app purchases from an APP KINGDOM CONQUEST WHEN I AM ABSOLUTELY SURE that I have never heard of this app nor have I downloaded it! The purchase was made 1:14 AM AUG 20 2011 which was impossible because I was asleep and I live alone! I contacted apple about this and I want to be refunded! AND IT SEEMS I'M NOT THE ONLY ONE!! numerous accounts have reported this and it's time for apple to DO SOMETHING about this!

Well, I posted yesterday about being hacked... 3 or 4 posts up... and thought I would share my experience with apple since my original report to them.

I rang the support number...I emailed off the complaint in the express lane... I waited 24 hours and had a response the next day (not bad for a Sunday!) The response advised they had temporarily disabled my account and asked me to confirm my identity with address and my own recent iTunes purchases... fair enough in case I was a fraudster I guess. So I sent them off the details and less then an hour later had yet another response confirming that my account was re-enabled and the money had been refunded.

I checked straight away and yup, there it was... all my money returned.

The whole process was painless and easy and quick. Props to apple for the quick turn around and the refund of money.

To everybody else having the same problem, I hope that you guys will have as much success as I did. This one event of a security breach isn't enough to turn me off Apple simply because they responded so well.

Yes, it is a concern that it is happening to so many people and has been occuring for so long, but in the last year I've heard of Sony, Facebook, and Westpac all being hacked into on varying accounts. These are all major corporations so I don't think we can fairly blame Apple here saying they need to clean thier act up. Clearly this is going to be an ongoing worldwide issue that will affect many people now and in the future.

There is a risk in all transactions involving money, from ATM's, EFTPOS machines, eBay, Paypal to currency conversion in funny little Asian countries... the thing is, if you don't want the risk of being scammed or hacked, take yourself out of the situation. This is something we will just need to accept as technology and the modern world progresses.

The frauding little thieves and dirty corrupting twits will always find a way to get your private details and money no matter how many security measures are put in place. Perhaps the real issue here is why aren't these people being caught and persecuted with theft and invasion of privacy or something? If they can find us, surely we can find them and punish them accordingly.

Again, thanks Apple for your excellent customer service on an issue that whilst is annoying and unfair, is still mostly out of your hands.

@kristafromkalamunda, I agree that they have resolved many of these issues quickly and it may not be their fault that these accounts keep getting hacked over and over again. But this has been going on for over a year now, and unlike Facebook, Sony & Westpac, Apple has yet to acknowledge that there is any issue what-so-ever. And all they have done is blame the user with their scripted responses. Telling the user that they need to "change their password", "have a stronger password", "do not give your password to anyone", "this is a one-time offer", etc. If you read some of the previous posts, many of the users have extremely strong passwords, do not give them to anyone, change them regularly and use random letters, numbers and special characters. But as soon as they enter a gift card, their accounts are hacked and drained within 48 hours.

I purchased 3 $50 gift cards and only entered 1 of them when I was hacked. I still have the other 2, but I have been afraid to enter them, for fear of being hacked again. And having use up my "one-time" credit refund, I will be out of luck next time.

I don't care if hackers continuously figure out ways to get these accounts, and they will. I just want Apple to acknowledge the issue and pointing the finger at their customers.