Q: iTunes store account hacked

My account was hacked yesterday (10/27) while updating the Apps on my iPad.  I was using the secure wifi at work. iTunes store location was changed to China and the credit card info was changed.  3 Geniuses at the Apple Store couldn't reset my location from China so now I'm waiting to hear from the "Express Lane" (the automated email reply said withing 48 hours).  On the plus side, it's not my credit card and no emails have come through regarding purchases made.

I immediately changed device passwords yesterday so hopefully damage will be minimal.  

Is there a way to delete Apps rather than just unchecking them per device in iTunes? Don't have many, but time to clean up and get rid of some of the ones I don't really use.

I can be added to the list of people that have been hit---

they took me for nearly 30.00 that I had from a gift card---

Hoping Itunes comes thru and credits ....

Just an FYI I noticed that a day or so after I noticed that when I logged into Itunes it asked me to change my password which seemed unusual so I am sure its linked to this ....

Confirmed that 3 purchases were made (total of $15.97).  Don't know why the hackers edited the CC info.  The card they entered in place of mine doesn't work.  Still can't change my country of origin from China back to US and I'm not updating payment info until then (and after I change my PW, again). 

Now ExpressLane isn't working for me.  The window to describe the error never appears.  Worked fine when I was at the Apple Store today.  Can't even report the purchases when within iTunes as problems.  Clicking on the "Report a Problem" link results in a server error.

Getting really annoyed at Apple over the difficulty in reporting and resolving a hack/data breach. 

Today I noticed that I have to pay Click and Buy € 158 because of 2 purchases of 79 each. My purchase history shows that they first downloaded 人人乱世天下 By RenRenGames into my account and made the in-app purchases of € 79 there. Oddly enough, my iTunes purchase history shows one purchase of € 79, and my Click and Buy shows 2x € 79.

Of course I tried to report these purchases in iTunes as shown here

http://support.apple.com/kb/HT1933?viewlocale=EN-EN

But when I get to step 8, clicking on Report a Problem, and the reporting form should be come up, the only thing that happens is that my browser opens the webpage of iTunes http://www.apple.com/nl/support/itunes/, like I have to instal iTunes first. When I do the same for another purchase I made myself (a music CD), the reporting works. So I don't think the problem is in my pc.

I already reported this to Click and Buy, and I will email this to iTunes costumer support too. For some reason I'm glad to see I'm not the only one affected by this fraud, because now I feel that we all have a chance to get this solved.

Same here mine got hacked too.

the person in this address purchased something over 50 dollars

and emptied my other 30. BS!

This is still happening. I was hacked out of $40 +. It is great that if I catch it Apple refunds my money by how can GAMEISLIVE CORPORATION still be operating? This is not identiy theft this is a clear case of the apple store being hacked.

This is a BIG PROBLEM. Most of these posts are from Febuary and the same company is still doing the same things in October?

This is Apple's problem. They have a huge hole somewhere and the have had more than enough time to plug it.

Similar to the above, my account was hacked less than 24 hours after registering a new iPad with my account.  Account has been dormant for quite a long time before that.  iTunes store location was changed to China and a handful of low-cost apps purchased, totalling about US $60.

Usual processes followed - account password changed, computers de-authorised, card details removed. iPad has been powered down since, Defender/Trend/Avast! scans clean on source computer.

Note - account appears to have been hacked again today, or at least the password locked in some other way.  Also cannot change location from China without entering new card details.

FWIW I'm going to report this to the Information Comissioner in the UK as it seems to me that Apple really do have an underlying security problem that is resulting in the loss of personal data (of course direct contravention of the UK DPA).

Still can't change my location from China to the US.  When I select US from the menu, I get prompted to enter CC info and then iTunes tells me it can't process the transaction and to "try again later".  Not very helpful.

• Boat, same.
• As someone mentioned earlier, communication from Apple support has been so disjointed and grammatically poor that I've had Twilight Zone moments in which I've felt I was actually corresponding with the original hacker.
• All blame on me, no real apology from Apple.
• The final kicker - after canceling my credit card with my bank the only way to reset my location back from China is to enter yet a new credit card number into my iTunes account.  Ah yes - circle of life...

Yep, and it is still happening!!  Just tried to purchase a business app and all my £30 credit has been swallowed up by this Bl**dy app!  I never asked for it, I was never asked for my password before it downloade, nad I am truly p1SSED OFF.  This is my first iPhone, really looked forward to it and now look what has happened.  I have contacted customer support, but even that is the most complicated system ever devised, and I hope I get my funds returned.

I have noticed that on the iTunes site there is the logo for the 'Game Center' app, could this be the culprit, sadly I cannot delet it, I guess it is embedded.

OK add me to the list.  I just got an email thanking me for my purchase of a $50 gift certificate from the itunes store, which I had not purchased.  My street address had been changed to an address several states away, which I have never been to, and my credit card number was changed to a credit card I don't have.  They also didn't put in a credit card security code, so I don't see how they could have purchased anything.  There are no new suspicious charges on any of my credit cards.  I didn't have any gift cards, credits, or anything and I didn't use Paypal on itunes store.  So I am thinking the hackers probably did not really get anything from me. 

The strangest thing is the purchase receipt said:

For 967gyk  WHICH WAS MY OLD PASSWORD!   (not really, I made that up)      In other words, the receipt had MY OLD PASSWORD ON IT!

I immediately changed my itunes store password. 

I use an ipod touch, and the most recent thing I had bought was a calorie counter app, about three days ago, using the ipod touch and my home (password-protected) wifi.  I had updated one other app recently. 

I used Apple's email "we will contact you in 48 hours" to report the problem and left the fake address and the fake credit card number sitting there in my itunes store account so they can see it. 

Pleased to say that my funds have been returned, although as an earlier post said, it is 'against policy'.  This to me means that Apple are aware of the situation and will refund when asked!  I would rather they sort out the main issue which is the uncontrolled downloading of app(s). My account has at the moment been disabled, as per protocol.  The annoying part about that is there is only one computer and 1 iphone registered and both are password locked!!  What more can I do?  Still agreat phone though ;-)  I did a full system scan on my PC and found a Trojan in my temp internet folder associated with itunes........... and yes, I do have the check box ticked that says delete temporary internet files in Explorer.  Onward and upward.

Grrrrrrrrrrrr!!!!!!!!!!!   I got a condescending email explaining that this usually happens because of answering phishing emails, using the same password on multiple sites, or sharing passwords.  I am not an expert but way to insult my intelligence.  I am not stupid enough to have done any of those things.   I am so mad about the condescending tone!!!!!!!!!!!!!!!!!!!!!    Especially after the articles I read today saying that this is an ongoing issue, possibly with organized crime.

They did refund the $50 that someone supposedly spent under my name (even though I don't think they were able to get my credit card info.)  Again--whoever hacked my account put in a credit card number that I had never heard of, and changed my address to an address I had never heard of. 

I hope the real issue eventually comes to light and the person who wrote the condescending email realizes they were blaming users falsely.

I'm wondering about what's going on with this. If they're not using your credit card, whose card are they using? I assume they're not using their own cards. Are they using stolen cards with our accounts?

What purpose does our account serve if they have a stolen credit card to charge with?

This is clearly a known issue:

http://threatpost.com/en_us/blogs/itunes-users-puzzle-fume-over-account-hacks-03 3111

http://threatpost.com/en_us/blogs/attorney-general-massachusetts-wont-investigat e-itunes-fraud-101711

It seems that Apple is going to continue to just stonewall users with compromised accounts and throw some of their huge war chest at the problem rather than risk a public mea culpa that would damage their magicalicious image and invite litigation. I'm very skeptical that any of this will ever appear in the mainstream media. Tech writers for Time, NYT, Engadget and others have a vested interest in feeding the Apple frenzy. Every fawning puff piece they churn out helps sell their publication - many of which are of course sold on the resident icon within iTunes itself...