Q: iTunes store account hacked

Wow - this is dreadful. It sounds just like my hack problem as my Credit Card was changed to Non, and I could not work out why. If this is true Apple, it is shocking and this should be made public and sorted urgently. I am switching off all access to iTunes.

I just received an email from Shaun from the iTunes Store/Mac App Store Customer Support regarding the report I submitted through express lane and he has informed me that I will be a full refund of the unauthorised purchases. I hope you all get your money back aswell.

Someone just used my account to purchase $40 in 125 Dark Matter on Galaxy Empire.. Did you get this resolved?   I happened to change my password in the first ten minutes, and filled out a form for Apple..  I never use my iTunes account on anything except iTunes.. I'm a security consultant as well.  I don't get phished, so I'm pretty sure if Apple uses cryptography and/or hashes for all authenticaiton that it has to be on their end... Let's see how this gets handled...

This has happened to me too, except it was $40 for army of darkness points--taken from my gift card on the acct.  Mine occured Jan 27, 2012, but have not signed into my iturns account until tonight to purchase some songs and discovered this theft.  I don't know how my account got compromised but it seemed to happen days after I loaded gift cards from Christmas onto my account.  I never received any emails regarding this purchase, though just checked my email again and I did get one on Jan 26, 2012 for music I actually did purchase--so somehow these purchases were made without any email being sent.  As soon as I logged into iTunes tonight I got a message that I needed to reset my password--so Apple definitely knew something was fishy on my account, but I never received any email message regarding the fact my account had been compromised.  I started a file with express lane but will call/chat tomorrow to get this resolved. 

After reading some of the other responses, I am going to post more details.  I have not made any purchases via itunes since July 2011.  I tend to purchase from Amazon but received 3 iTunes gift cards for Christmas 2011.  I added them to my account Jan 24, 2012 and purchased music on Jan 24 (received receipt in email Jan 26). On Jan 27 unauthorized game purchases were made on my acct wiping out most of my gift card balance.  Did not receive email.  Logged in Feb 20, 2012 to purchase music, and it was weird because immediately I was prompted to reset mt password--then I actually purchased some music with my small balance when I was prompted to download a free game app.  I then realized that something was wrong.

I know there is no evidence, but in my opinion, there seems to be a definite link about redeeming a gift card and somehow the hacker(s) becoming aware of a gift card balance--it triggers something.  I say this because I have never been hacked on any other account and had never had iTunes gift cards before.  I doubt I was a victim of phishing--and if they suggest this, I will tell them I resent any implication that I was somehow responsible for this fraud, when I believe it was my redeeming a gift card that was the real cause of this effect.  I tend to be very responsible when it comes to my security.

Ginger, did you not receive any e-mail receipts for the purchases, as is normal with App Store purchases?  I received a receipt last night for the in-app purchase of 19.99 that happened just after midnight yesterday.  However Apple had alerted me to the activity just a couple of hours after the purchase happened, so I already knew what was happening when I got the e-mail receipt.

I did get a respone back from Apple yesterday, but the guy said he needed the transaction number, even though I sent it previously.  I received that e-mail only about 5 minutes before he was scheduled to get off work (4:30 EST), so I expect a response back some time this morning.

Same has happened to me. I had 34$ in my iTunes store credits now I only have $2. I'm furious I haven't gotten a response of any kind yet either

The best way to get an immediate response from them is to live chat.  My issue was resolved in a matter of minutes.

I just found that this happened to me this morning only my address was not changed.  I have submitted an email to Apple and I'm hoping to get a response soon.  Has anybody noticed what was purchased.  I know for me it was a lot of Galaxy Empire apps and in app purchases along with one Metallica song.

After reading some articles I'm wondering if Tap4Fun....the seller is responsible for this.

I also failed to receive email notifcations for the fraudulent transactions . . I found out when I logged onto iTunes and the system told me my account was compromised and locked and to change my password !

I do not believe it is Tap4Fun who is responsible.  Their games have a pretty large online following, and I found this page yesterday on their blog: http://www.tap4fun.com/commitment-to-combating-fraud

I think it just happens that these hacks are playing this game and want to buy whatever credits the game uses, and so they steal from other people's accounts.

Patrick - thanks for the link....you're right I jumped to conclusions based on the purchases and the other article I had read about some shady companies that create apps.

Yes I made the same conclusion about MyFitnessPal, which others say they were hacked after loading it.  However they have a HUGE online community and have been around for a number of years, it looks like.

Hi Patrick,

I checked my email and was never sent a receipt for the unauthorized purchase or for the free download purchase made the next day.  I am not sure how that happened but I looked and all of my information settings were accurate.  

I have never purchased an app (do not have iPhone or iPad or Touch) and have never purchased any kind of game or points for a game for a computer.  I did research the game that was purchased and contacted the game software company via email to let them know someone had used my account to purchase their game.  I doubt I will get a response but I felt better letting them know there is fraud regarding people playing their game.  The "hacker" purchased points for Army of Darkness Defense (which showed up as AODD). 

Hi Patrick, I want to add besides never buying any apps, I have never purchased/owned any video game or system--never even played an xbox or playstation-- I played a Wii once at a family member's house when it first came out was it 5 or 6 years ago (?).  My phone has no internet access.  I only purchase music via computer (no videos or shows etc).  Part of me doesn't think buying a certain app or download is the root cause.  It seems to be people with paypal accounts and people with gift card balances.  I am wondering if there is any time frame on when the hack occurs as I put the balance on my acct and within 2-3 days was when the unauthorized purchase was made. 

My purchases were made at 11:36 pm when customer support is closed too.

Message was edited by: gingerCE12