Q: iTunes store account hacked

I agree, holy cow.

Apple likes to sell their products, it's very easy to get in touch with them if you want to buy their products but if you need support they realy don't want to talk to you!

And it also blows me away that they seem completely in interested in trying to fix this problem and beef up their security! Like LizNDale said, how can they go ahead and allow a purchase that is made from a non authorized device! And they send you an email that a purchase have been made on an unauthorized device and if it wasn't made by you it says to change your password!

Like I said in a previous post, why can't they change it to where when you make a purchase they send an email where you have to click on a link to confirm that the purchase was made by you and then you can download whatever it is you bought!!

One way this is being done, according to iTunes and in my case, is that someone accessed my paypal account and set up a new iTunes account using my paypal credit card info.  That is why my iTunes purchase history did not show the unauthorized purchases.  To find out if this has happened to you, give iTunes the # from your paypal email under INSTRUCTIONS FOR MERCHANT.  That way iTunes can find any account linked to your credit card number.  Make sure you get a new # for your credit card and remove the old # from iTunes and paypal ASAP to prevent any further unauthorized purchases.

Changing your payment option to NONE will not solve the problem if the "hacker" set up a new iTunes account using your paypal credit card info like they did to me.  The unauthorized purchases will not show up in your account if they set up a new one with your credit card #.  You need to remove that card from your paypal account and get your credit card company to issue you a new # as well.  If your paypal account is linked to your iTunes account, I would recommend talking to iTunes and giving them the # and letters listed under INSTRUCTIONS TO MERCHANT on your paypal email that notifies you of a purchase.  This way iTunes can see if someone has set up another iTunes account using your credit card(from paypal).  Changing your payment status to NONE on iTunes will not prevent the hacker from making purchases on the new account they set up with your credit card.  Hope this helps.

Any time your credit card account is used without your permission, contact the card company and have them issue you a new card with a new number.

thats too bad ...

Another "me too" - our account was hacked for $500 in charges in January. I'm floored. What can we do?

"What can we do?"

Follow the 200 suggestions in this thread.

I think we figured out it's the "Enable In-App Purchases" setting on the iTouch. We download a free game...and think we're playing for free...not realizing we're racking up hundreds of dollars???!?!?!

I don't think so dschleich1, in the majority if cases above, as in mine, we didn't download the game in the first place! The Enable in app function is mainly for parents who don't want their kids to spend money on them.

As for what to do, aside from contacting Apple for a refund, which they will do, send an email to jducey@abc15.com. He is an investigating reporter doing a storey on this, especially if the app in question is Sega's Kingdom Conquest. My main question for Apple is why the continue to allow anything to do with this game on unrecognised devices.

Well, add me to the list of victims.  I received the same scripted response as others have received, freezing my account, and  *generously* offering to refund my money despite it being against the company policy.  I am paraphrasing my response to apple here:

Anoop,

Thank you for refunding my lost funds, but I am not satisfied.

1.  Yes, please re-enable my email address as soon as possible.  Why would disabling my email address resolve the issue in any way?  Clearly the hackers who stole the money needed more than my email address.

2.  Your link to 'suggested security measures' is a broken link.  It simply leads to a page that states 'the article you are looking for cannot be found'.  But let me assure you, I have utilized every possible security measure.  I do not purchase apps or games of any kind, let alone from suspicous sources.  I do not own multiple Apple devices nor use multiple devices to access my Apple ID account.  I do not utilize unsecured wifi networks.

3.  Your statement that you are making a special exception for me because 'all sales are final' is ridiculous.  As stated above, I am well aware that many other victims have received the same response.    Additionally, just because you write some rule in TOS doesn't make it legal.  An 'all sales final' policy doesn't apply to fraud or theft or any other illegal activity.  And fraud is illegal, whether or not Apple likes it.  Apple is legally bound to refund the loss from fraudulent purchases when evidence supports the claim of fraud.  And obviously, the evidence existed because it was Apple that first detected the fraud and notified me! 

4.  Moreover, Apple was complicit in the fraud by allowing an 'unauthorized' computer to complete the fraudulent purchases.  Had Apple utilized the security measures that it developed and that it promised its customers were in place, the fraud never would have taken place at all.  Accusing me of being at fault when it was Apple that permitted the activity and then claiming benevolence when covering your tracks is offensive and insulting.

Please do the following, post-haste:

1.  re-enable my account

2.  stop sending customers broken links

3.  stop sending customers statements that the customer is at fault for being a victim.

4.  stop sending customers claims that Apple is some kind of benevolent hand in refunding fraudulent charges.  It's offensive.

Thank you.

Now, let me add that in all honesty, my opinion of Apple has declined steadily ever since I became a mac user. Apple's product quality and customer service quality has deteriorated significantly over the past few years. Once upon a time, Apple computers were built like tank trucks. You couldn't make them die.  Now, it's a struggle just to get them to limp along through their warranty period.  And the fact that at my local Apple store, employees recently put their ears up to the wall and listened while an employee at a neighboring store was murdered--bludgeoned brutally over 300 times over a period of hours--while not bothering to use any one of the hundred of working devices in their store to call for help--has certainly not improved my opinion of the company. So I admit, I wasn't pleased with Apple before this happened, and this is just yet another reason to dislike them.  steve Jobs was able to bolster the public perception of the company for a long time despite the problems that have been growing, but in my opinion, without him, it's not going to be so easy to cover up the drift in the company's core values.

@ chaplin1: good post!!  I have been an " apple fan boy " for a long time but like you I dislike apples way of doing business and how they take care of their customers! When my account got hacked they made me feel like I was to blame and it was my own fault for what happened! And again, I can't stand the fact that apple is more than willing to talk to you if you want to buy something, but my god if you need customer support in a case like this for example!

I do not own any networked Apple device, ONLY an iPod Classic.  In fact, I do not own a device capable of running the game that the fraudulent purchases were made thru.

My account was hacked by way of some alternate unregistered/unauthorized device - and Apple allowed this questionable device access to my account and THEN notified me that it had done so. 

Point is, it has nothing to do with owning an iPhone or Touch or iPad.  The hack happens directly to Apple where your ACCOUNT is, it does not go thru your legitimate devices.

Only if there was a song that would teach all of you a lesson... http://youtu.be/O_ufD3QT51U .   Have to give some credit.... http://itunes.apple.com/us/album/you-just-got-hacked-single/id437600854

Message was edited by: Carlo TD

And your point is?