Thanks for the reply Dragonchilde, makes sense to me but I'm going to access the other accounts from my PC for awhile just to be safe. Every time I start iTunes now it still tries to download KingdomConquest. I cancel it and remove it from the downloads tab but next time I start iTunes it tries to download again. Sounds like you're right, this is a server side thing and I can't kill it from the client end. Any idea what will happen if I let the download complete? I got my credit already and I would hate to see my account cleaned out again.
Just downloading the program shouldn't be an issue - the problem isn't the app itself, I don't think. If it was the app, you wouldn't have been hacked in the first place. I think the app is just the vehicle for the money transfers. I don't know for sure, though, as in my case it was just itunes gift cards that were purchased... the freaky part? The name they used for the recipient was my account password.
I'm not sure why the app is trying to download automatically, though; that sounds like a setting in your iTunes somewhere that you'll need to turn off. I generally don't have things download unless I tell them to.
Just to let people know the timeline I dealt with, and am still dealing with the issues.
Account charged for two separate purchases 13.03 and 23.88 something yesterday about 40 mins apart - at least I received the 'someone purchased kingdom hearts' email.
Went to paypal, removed Itunes from the approved transaction list, changed paypal password, security questions. Started disputes on both transactions.
Emailed Apple support, changed apple ID password. Apple support responded and reported they were returning 33.04 - that number does not add up. They also disabled my Appleid.
Today I checked my email and had specific receipts for the two aforementioned purchases (13.03 and 23.88). Also had a refund for the 23.88 charge. Checked paypal the 23.88 has indeed been returned. The 13.03 is still in dispute.
I asked to reapprove my apple ID so I could post on this forum (and also disable the auto email on reply).
So I am still waiting for the first charge to be returned.
They just got me today. $41.94 in Kingdom of War nobility points and then another $5.23. Money came right out of my paypal account and I don't usually leave money in there for this very reason. **** Murphy's law!
2 hours between being on the phone with apple, breaking the security token with paypal, filing a claim and now I'm waiting on my refund. What kind of messed up game is this Kingdom of War BS anyway. I hope they cancel all those points that guy STOLE!
I took the same actions as the persone above me. I hope your situation works out as well as mine
It appears this is a much broader problem than being reported by users. I personally called some of the phone numbers (my account address and phone number were changed to California). I talked with people, they all said similar things "I cannot think of any way I could have granted acccess to anyone else to get access to my account". They are not posting on this site...so how many people are actually affected but not reporting?
I work in IT...I am now wondering about a Self-Mutating Worm (Virus)...and starting the search for a more robust tool to scan my machine. I know 100% for sure now one else has access to my machine and I did not grant access to anyone else to allow purchcases. I even reviewed logfiles to see if anything suspicious occured. Other theories I have is access on the back-end (like Sony's recent hack)...someone accessing a back-end Data Storage area with access to place purchases as. me.
I am not anti-Apple or trying to rattle the cages....I am, however, interested to find the answer and will assist anyone else wanting to get to the bottom of this....feel free to reach out if you are serious about helping.
I got hacked February 10 in the midde of the night. Once again, Kingdom Conquest was downloaded to my account and two subsequent in-app purchases cleaned out my gift card balance of $70. I have not heard from Apple Support yet. What I really don't understand is why I got an email stating that the purchases were made from a device not previously used by me, yet the purchases were allowed by Apple anyway!?? Shouldn't that have been their tip off that maybe something wasn't quite right? (Oh, and the fact that so many others have had their accounts wiped out in the very same manner?) Not feeling too good about using iTunes anymore!
I am absolutely convinced the problem is on Apple's side.
I believe that Apple's servers have been hacked (they may not have even encrypted our passwords) and they're not going to do anything, or make any announcement, until they've 'caught the bad guys'.
Until then I believe that Apple is just going to let their customers twist in the wind.
At the very least they should keep the two offending apps from profiting from this scam.
And more horror stories about iTunes being hacked:
This clearly has been going on for longer than Apple would like to admit. And, clearly, Apple seems unable to stop it. What bothers me most is the way that Apple refuses to talk about it.
Would you be able to help me?
I just discovered that £13 has been deducted from my Gift Card allowance due to this Kingdom Conquest hacking situation. I have so far had no money deducted from my debit card yet.
But my main problem is that with my Gift Card still in play, I looked at my account information and found my payment method was set to None where I always had my debit card information stored.
What I would like to know is, if I redeem my gift card does my debit card information get automatically deleted, or do you think the hacker has set it to None?
I have changed my password on iTunes now.
Many thanks in advance
My account was hacked too. The morning of this past Wednesday, February 8, I received an email stating that my account had been used from a different device to purchase some app. I immediately changed my iTunes password and looked at my purchase history to see what was going on. The app that had been downloaded (which had some foreign title) was free, but then four in-app purchases were made totaling $90.91. I didn't have a credit card or PayPal associated with my account, so it was all store credit. There was only $0.99 left. I sent an email to Apple explaining the situation, and within a few hours they replied stating that they had disabled my account and were going to refund all the money. My account is enabled now and I have all the money back.
I too have just had my iTunes account hacked with £41 being spent on in-app purchases for Kingdom Conquest. What is it with this game and the hackers? What benefit do they get for hacking loads of accounts and spending that money on this game?
Surely there should be some sort of system in place where transactions from an unauthorised computer are automatically blocked unless you go through some sort of validation process. The fact that these transactions are all on the same few games hsould set alarm bells ringing. It wouldn't be that hard to implement something that identified a new computer/device being used, and then identify that it was attempting to make transactions and just block it. An email alert could be sent requesting the user to confirm whether it is a genuine transaction or not.
And just to add, the money was taken from gift card credit on my iTunes balance. They took it down to 0.55p in credit, where presumably they couldn't purchase anything else. They made 4 seperate transactions. I also am pretty confident in using the internet and not being stupid enough to enter in any details in places other than iTunes on my Mac and iPhone.