Just happened to me today! Two charges, first one was for $59.97, second one was for $44.97 I quickly disabled PayPal on my iTunes account before another one for $19.96 could get through! For me, it was someone using my account to buy, "Nobility Points" in a game called KINGDOMS AT WAR. I had never even heard of this game before today! Man, this *****. How are they able to get my information? I'm worried about downloading anything else from iTunes now.
Got me too! Kingdom Conquest, and in-app charges. Spent about 10 minutes waiting for a tech on the phone. Acted like they'd not heard there was an issue. The tech on the phone was simply relaying information from some other tech with whom she was chatting online. Finally said they would refund the charges, and that I should change my password and everything would be OK. Thanks, and bye. So I did that, and then find that my Apple ID was deactivated, so after scouring their online resources, ended up on another 30 minute phone call with one tech intermediary getting info from another tech via chat, and again the tech claimed he was unaware of any issues with a global hack, even when I referenced Kingdom Conquest. "Really? Where did you hear that?" Uhhh, GOOGLE!!
So I got the ID reactivated, changed the password, and I'm back in business. BUT, neither tech bothered to mention deleting credit card, Pay Pal info, and prepaid card info from my iTunes account. COME ON APPLE, put your big boy pants on and (1) acknowledge the problem, and (2) WARN YOUR CUSTOMERS! I at least got the courtesy of an email from Michaels when they had skimming issues!
I was hacked in April (same situation as everyone else...gift card credit, location changed to Towson, etc.). I got a refund and my account was disabled. Of course, I changed my password, security questions, etc. immediately. Two days ago, I finally decided to reactivate my account, and I purchased two songs. I checked my email today, and the receipt shows $39.98 in purchases that I did not make. This time it's "MetalStorm: Online" and in-app coins.
The first time this happened, I was a bit frustrated; now, I'm ******. I know I'm preaching to the choir here, but this is ridiculous. How is it that literally within hours of reactivating my account, it gets drained? Why has this been going on for at least six months with (as far as I can tell) no acknowledgement from Apple and certainly no solution? This thread has almost 50,000 views. Either this is one sophisticated exploit, or Apple is pretty **** incompetent.
May 4, $49.97 for Texas Poker. I just noticed it now. I had $50 in gift cards I had redeemed (from my computer) around that time. I just contacted Apple to let them know. It appears that nothing was charged on my credit card (which has apparently been deleted from my account), and I feel fortunate that my account wasn't linked to Paypal.
As an original apple fanboy, I am very disappointed by this situation and Apple's lack of an obvious response to those of us who have been victimized.
Someone also changed my city of residence to Cockeysville, MD.
i just got hacked yesterday,theres 4 consecutive buy in between 1 hour, lucky im still in front of my computer and i immediately unlink my account with paypal and change all my password
1.Haypi kingdom, super package, Seller: Haypi Co., Ltd. cost $54.43
2.Haypi kingdom, medium package 2, Seller: Haypi Co., Ltd. ,Haypi kingdom, medium package, Seller: Haypi Co., Ltd. Haypi kingdom, basic package, Seller: Haypi Co., Ltd. Cheats for Haypi Kingdom, v1.0, Seller: Rashmi Bajaj (4+) ,and 1 song named Sao Anh No Danh Quen cost $40.14
3.music that i never ever heard it like red hot chilli pepper and some vietnamese song ( dang i never like american and vietnamese song) cost me about $49.33
4.another 4 more song cost $10.57
with this im will never ever buy any apps in itunes store.
Me TOOO!! I just got one yesterday for purchase of these games and poker chips I didn't make.
-KingdomConquest-, v1.1.8, Seller: Dega Corporation -Free
Texas Poker, v3.0, Seller: KAMAGAMES LTD -Free
Texas Poker, 15M chips, Seller: KAMAGAMES LTD -$19.99
Texas Poker, 15M chips, Seller: KAMAGAMES LTD -$19.99
Texas Poker, 5M chips, Seller: KAMAGAMES LTD -$9.99
Total of $49.97
Glad I only had a gift card in my account, but still, this is ********.
I heard back from Apple (it took only about 6 hours for them to contact me). In addition to telling me to change my password and telling me how to reactivate my account, they said,
"After reviewing the circumstances of your case, we determined that issuing you a refund for the items that were purchased without your permission is an appropriate exception to the iTunes Store Terms and Conditions, which state that all sales are final. A refund in the amount of $49.97 will be credited to your iTunes account." (the account has not yet been credited)
The quick reply suggests that they are very aware of the situation, but the posts above show that the problem is ongoing. I'm surprised that they haven't completely locked or blocked the several applications that seem to be the worst offenders (or even block the ability for in-app purchases).
Well, I just heard back from Apple. No refund for me, since I'm a two-time victim. Basically all the questions I asked were ignored, but I was told to change my password and review the terms of sale and security tips. Not sure if this was intended to be an insult, but it is.
My account is disabled once again, and I intend to leave it that way.
Got hit over night -- nearly $240 dollars in PayPal purchases for an app called "Live Racing". Contested the Paypal charges, filed a report with Apple -- we'll see what happens, super anxious about it though.
They didn't bother changing anything about the account -- I did reset the password, all warnings, and deauthorized all the computers associated with the account. Annoying thing to wake up to on Monday morning.
I think this was a brute force hack, though. All week my iTunes account kept getting locked, but no suspicious activity otherwise. I was doing a lot of updates to my devices and computers in my house, setting up the beta of iTunes in the Cloud, etc.. and had naturally assumed it was just a quirk with the new system.
Looking back, I should have changed my password much earlier.
Baba, there are actually a lot of really funny gospel songs like Tammy Wynette's "I'd Like To See Jesus On The Midnight Special" which you might enjoy, atheist to atheist. Wanda Jackson's "Jesus Put A Yodel In My Soul" also comes to mind.
In any case, to update you all on my situation:
After a week of emailing them, I finally got a response and had my 74.01 in gift cards restored. I have yet to log back in to my account and did mention in one of my emails back to the tech who wrote to me my concerns about having my account hacked twice and not being refunded if it happened again and was told to get anti-piracy software and when I asked about suggestions for that was told they were not allowed to rec any non-Apple programs. For all I know, my money could already have been ganked again. I can't come up with 74 bucks worth of songs I want to buy at once so have not bothered dealing with getting into my account again.
I've been dealing with other brand new iTunes problems like the app refusing to burn anything for the first time ever (Mac user since '87), crashing as soon as I hit BURN DISC and having my posts on that subject erased by the mods -- THEY ARE LISTENING!!! JUST NOT HELPING WITH ANYTHING!!!!!! --
I'm very glad this problem with THOUSANDS OF HACKED ACCOUNTS has gotten so much press in the past week and can only hope it gets more press before more unwitting victims put in their credit card info online for iCLOUD and wind up being evicted because their checks bounce while ten year olds in China gamble with their rent money.
It's clear from just the posts in this thread, nevermind all the rest of the discussion on this topic all over the web, that an official statement from Apple and a sturdy policy line on refunds when a client has obviously been stolen from (hello KamaGames!) would go a long way to clearing up any confusion on the matter.
<Edited by Host>
Kevin to be honest I doubt it was a brute force hack. These days due to auto locking and other security features there is almost no way to be able to determine a password from a brute force attack. You may find that you're hacking was unique and you may have been key logged which would explain the reason that you kept getting get logged out as there may have been missing letters which the hacker may have to determined