stereocourier

Q: iTunes store account hacked

I'm posting this just to share my story and get reactions. It's a little detailed but I thought worth sharing.

On November 23, 2010 I purchased a single song from the iTunes store for .99. I used store credit that I had from a gift card I received last year. It was the first purchase I had made since July 2010.

On November 25, 2010 I received a receipt for 2 more separate orders to my account. These were for over $50 in iPhones apps. Here's a sampling of some of the purchases:

1 eREAD isoshu, v1.5, Seller: ChengDu YueTong Internet Information Co. Ltd (17+)
2 Plants vs. Zombies, v1.3, Seller: PopCap Games, Inc. (iDP)
3 Monkey Island 2 Special Edition: LeChuck's Revenge, v1.1, Seller: Lucasfilm International Services Inc.
4 Asphalt 5, v1.2.6, Seller: Gameloft (9+)
5 Let's Golf!® 2, v1.0.1, Seller: Gameloft (4+)
6 Frames & FX for Photos, v2.5.1, Seller: Imikimi, LLC (12+)
7 Stenches: A Zombie Tale of Trenches, v1.0.1, Seller: Thunder Game Works (9+)

I do not have a credit card linked to my account, so these were made using my store credit.

I have only 1 computer authorized for my account (my personal home computer). I live alone and no one else touches my Powerbook but me. I also DO NOT own an iPhone, so I would have no interest in apps.

After I saw these bizarre purchases, I checked my account. I noticed 2 strange things: My account information had changed: My street address was correct, but city, state and zip had changed to: Towson, MD 21286-7840. I have never lived in Maryland. Also, I noticed that my password recovery answer had changed to "Murray" in response to a question about my mother's maiden name. That's decidedly NOT my mother's maiden name. Also, my birthdate had changed to an incorrect month and day.

I immediately changed my password and my recovery question/answer challenge.

I reported problems on all of these purchases and also contacted iTunes Account Support by e-mail.

Within 24 hours I received an e-mail from "Vicki" at iTunes Customer Support. She wrote:

"When reviewing over your account "name@domain.net" and the two reported orders, it shows that the content purchased within them was acquired from the computer that is currently authorized for your iTunes account. So I strongly advise that you do consult with those in your household regarding the purchases made, and the charges that resulted from those purchases."

Further:

"I have gone and reversed the charges for the two orders....You will see a store credit in three to five business days....Please note that this is a one-time exception, as the iTunes Store Terms and Conditions state that all sales are final."

I am pleased that Apple is refunding my store credit and replied so quickly.

However, it is simply impossible that these purchases were made from my computer. Again, my Powerbook is the only computer I have ever authorized to access my account, and I am the only person with access to it.

I am not sure how this happened. Any thoughts or similar experiences?

Powerbook G4, Mac OS X (10.5.8)

Posted on Nov 28, 2010 3:45 PM

Close

Q: iTunes store account hacked

  • All replies
  • Helpful answers

first Previous Page 3 of 131 last Next
  • by trailbossc,

    trailbossc trailbossc Jan 30, 2011 12:27 PM in response to trailbossc
    Level 1 (0 points)
    Jan 30, 2011 12:27 PM in response to trailbossc
    Also want to mention that I hardly ever log into my iTunes account from a computer. And I definitely haven't logged in from my computer anytime close to when I was hacked. I only log in from my iPod when purchasing an app. So it's doubtful that it was any sort of spyware, keylogger, etc. from my PC.
  • by brad p,

    brad p brad p Jan 30, 2011 2:54 PM in response to stereocourier
    Level 1 (4 points)
    Mac OS X
    Jan 30, 2011 2:54 PM in response to stereocourier
    how many of you have contacted apple about the fraud?

    how many of you have recvd responses from apple that appear strange, as if they replied as if they were reading a different persons email. not really answering your questions, saying unrelated things that dont pertain to your questions, refunding the wrong amounts etc...?
    almost like you were talking with the hacker at some points.
  • by trailbossc,

    trailbossc trailbossc Feb 1, 2011 3:22 PM in response to brad p
    Level 1 (0 points)
    Feb 1, 2011 3:22 PM in response to brad p
    I contacted Apple and they refunded my charges. I also questioned them about the possibility of an App that may be the cause of this hack. All I got was a comment about how to protect my account and password security, blah blah blah. Oh and maybe contact the developer or look for support from the developer of the App. OK. So first, I have no idea which App is doing it. Second, like they are gonna help me. And third, I can change my password all day long, but if it's being stolen by something on the iPod, it's just gonna steal it again. So the only way to be safe is to have 0 apps and have a $400 music player. Yay!!!!
  • by Lucy Love,

    Lucy Love Lucy Love Feb 12, 2011 3:17 AM in response to stereocourier
    Level 1 (0 points)
    Feb 12, 2011 3:17 AM in response to stereocourier
    The exact same thing happened to me today (12 Feb 2011) - just opened up my e-mail inbox and saw 3 unexpected iTunes receipts. Worse still - 3 receipts totaling up to roughly $150. Even worse - it was some Chinese app I couldn't even read.

    I'm the frugal type - I really saved up those 150 bucks. I really don't buy apps unless they're free, or on the cheap. And I definitely don't buy in-app upgrades. So, as you can imagine, I had a panic attack, followed by an intense urge to stab something. My pillow did well at the time.

    I hope Apple reimburses my money. Then, I'm probably gonna spend it out soon and not use the iTunes store ever again. Forget saving up - I'd rather spend it on myself than have some random idiot spend it on upgrading his "Banker" account. (it's the app he used my money in. or she used my money in. it's a pretty girly app...).
  • by jaschembra,

    jaschembra jaschembra Feb 12, 2011 4:24 AM in response to Lucy Love
    Level 1 (0 points)
    Feb 12, 2011 4:24 AM in response to Lucy Love
    I didn't have an iTunes card jeopardized.... I had the credit card I used in Dec. to purcharse my laptop online with Apple hacked and they made $99 worth of iTunes purchase on it. Discover instantly called me the day it happened (unbelieveable) and cancelled our account. However, That's when my Apple ID became disabled and the Apple iTunes support people have yet to fix it. We've beem disgruntled on the other discussion board, Apple ID disabled.... Apple is missing out on a lot of $$$ for people like myself who can't make any purchases on iTunes. Sure, we can log in and make changes to our account, etc., but no downloading of free stuff or songs, movies, apps, etc. Frustrating.... It's been over 2 weeks!
  • by CoopMac,

    CoopMac CoopMac Feb 13, 2011 6:21 AM in response to stereocourier
    Level 1 (0 points)
    Feb 13, 2011 6:21 AM in response to stereocourier
    I also just had the same thing happen. Woke up to a receipt for $49 of purchases that I did not make. The address on my account was changed to Townson, MD and my credit card info was removed.

    Since the app was downloaded on my itunes account, should I worry about them now having all of the info in my computer?
  • by brad p,

    brad p brad p Feb 13, 2011 7:44 AM in response to CoopMac
    Level 1 (4 points)
    Mac OS X
    Feb 13, 2011 7:44 AM in response to CoopMac
    hey coop,
    ive been wondering if there's a app or something that acts like spyware. i actually havnt bought any app's before the fraud. but i did have a few free apps.

    Q: did all of us have a gift certificate on file? i had a gift cert, but not a CC on file...i hope apple is looking into this, but from the CS email ive gotten, it doesnt appear they are.

    Q: does anyone have trouble with itunes store access? i still cant get in the itunes store, and actually some other friends have the same problem.
    thanks
    b
  • by JamesCH09,

    JamesCH09 JamesCH09 Feb 16, 2011 7:47 AM in response to brad p
    Level 1 (0 points)
    Feb 16, 2011 7:47 AM in response to brad p
    I received an email from apple support at 2:45 am that my credit information had been changed on my iTunes account. I logged in when I awoke this morning to find my gift card credit balance of $30 had been used up leaving only $1.65. I aksi noticed my credit card information had been removed. No other changes were made to my account. The address was still correct and I am able to access the iTunes store.

    I have changed my password and sent an email to billing customer support. No response yet. I am curious why the common theme is deleting the credit card information? The only information visible is the last four digits.

    It would be nice to know the root cause of how this is happening to so many. Will the hackers lose listening privileges to the songs they stole off my gift card balance now that I have changed my password? My understanding is that songs have digital rights management (DRM) protection meaning your computer is only "authorized" to play content that was purchased using your Apple Account. So, if the password is changed, would this make those purchases un-playable? Or what's to say my account won't get hacked again seeing as though someone got my account password in the first place already, they could do it again.
  • by Ryan Speaks,

    Ryan Speaks Ryan Speaks Feb 17, 2011 6:46 PM in response to trailbossc
    Level 1 (0 points)
    Feb 17, 2011 6:46 PM in response to trailbossc
    Same thing here...three unauthorized transactions from Hongbin Suo Boyaa Texas Hold 'Em?? Never heard of it! My credit card was removed from my account and my city, state and ZIP changed to Towson, MD 21286-7840 just like all of the above. I sent an email to iTunes support, changed my password, changed my email password and now checking with my Bank. Apple needs to do something about this!!
  • by omenborn,

    omenborn omenborn Feb 17, 2011 7:21 PM in response to Ryan Speaks
    Level 1 (0 points)
    Feb 17, 2011 7:21 PM in response to Ryan Speaks
    Also just found my account hacked. Purchased app 德州撲克 HD, by Hongbin Suo , same seller as previous posters hacked app.

    Changed my credentials and reported to Apple.
  • by Ryan Speaks,

    Ryan Speaks Ryan Speaks Feb 17, 2011 7:25 PM in response to omenborn
    Level 1 (0 points)
    Feb 17, 2011 7:25 PM in response to omenborn
    Check your download queues everyone...I have four pending downloads for four apps that I did not initiate. They are titled "Super Mega Worm", "Vertigo Towers Free", "QQ" and the fourth has four Chinese characters (I'm guessing?) followed by the English letters "HD". I sent another email to Apple to have these four removed from my download queue because I don't seem to be able to permanently delete them...when I right-click on them and select "delete" they don't really go away...it still lists "4" pending at the bottom.
  • by CharlesQc,

    CharlesQc CharlesQc Feb 17, 2011 7:40 PM in response to Ryan Speaks
    Level 1 (0 points)
    Feb 17, 2011 7:40 PM in response to Ryan Speaks
    It happened to me Sunday night. I connected to Store Monday night and saw that $85 were stolen from my account for three chinese Texas Hold'em apps. I wrote to iTunes and they reimbursed me on Thursday.

    Nevertheless, I know how frustrating it is, and I would suggest to everybody to tell your friends about it, so people remove their credit card and change their password often (I would suggest every 4-6 months). Also, that would be safer to only use $10-$15 gift cards until Apple does something about it (I'm very happy about the service and how I've been reimbursed quickly, but it doesn't fix the problem, other people will have their money stolen).

    Hope all of you guys will have your money back!
  • by eclassworld,

    eclassworld eclassworld Feb 17, 2011 10:40 PM in response to omenborn
    Level 1 (0 points)
    Feb 17, 2011 10:40 PM in response to omenborn
    That is what happened to me, as well.... I contacted Apple as well... Does anybody know how long it takes for them to shoot you an email back?
  • by Izodius,

    Izodius Izodius Feb 18, 2011 6:52 AM in response to eclassworld
    Level 1 (0 points)
    Feb 18, 2011 6:52 AM in response to eclassworld
    Exact same thing here! What the heck! No respone from Apple?!
  • by JamesCH09,

    JamesCH09 JamesCH09 Feb 18, 2011 11:10 AM in response to CharlesQc
    Level 1 (0 points)
    Feb 18, 2011 11:10 AM in response to CharlesQc
    I received a response today from Apple Customer Support, a standard response, but a response none the less. They did credit my account back, but warned this would be a "one-time exception to our sales policy". I have obviously since changed my password, but have no confidence based on the multiple reports posted on this discussion board that the root cause has been identified and fixed.
first Previous Page 3 of 131 last Next