not to hijack the thread, but I've had ongoing issues w being locked out of my account since early July, every few days or sometimes as long as a week between lock outs, supposedly because my password is incorrect. After the usual failed log in attempts, I have to go and change my password.
So how does this happen? If I change the password myself legitimately, I always get an auto email from Apple confirming that my password has changed. But whenever I'm locked out by whatever mysterious force is changing my password, I never get an email informing me that "someone" has changed "my" password. Apple just tells me the password is incorrect and eventually forces me to reset it.
Plus if someone or some bot is somehow accessing my account to change my password, they are not using that access to purchase anything or download anything (so does it seem reasonable that this really IS a malicious hacker - why would a hacker hack an account just to change a password every couple days and leave without using the access to DO anything malicious?) ; and (b) when that person or bot changes my password, I SHOULD regardless be getting an auto email from Apple at my registered email address to inform me but I am not. So how is my password being changed without any notification of the fact? Even if I change it myself, I still get that email.
The only weird download during these past 6 weeks from the App store that I did not recognize as my own was a download of a free massive multiplayer game (Rome 2) and even at that I can't be 100% sure that I didn't mistakenly hit the install button when i was checking out the game description - but even so, would a hacker breaks into my account so he can use my ID to download a free game? Plus my account shows this game as installed, but I've never installed it on any devices. Even checked the Game Center on my iPad in case it was some weird deal where a free game was installed as a demo without my knowledge, but it's not there.
It has to be a glitch on the Apple side, something I suspect to do with multiple devices on an account judging by the way Support reacted when I told them I do have multiple devices - see below (i have a MacBook, iPod and iPad, and was thinking of buying an iPad mini until all this started happening).
I did take the time to contact Support about this, and after some dicking around they transferred me to a number that just rang and rang and no one ever picked up. I was told I was being transfered to Account Security or something like that - pretty hilarious. They asked me whether I had multiple Apple devices, and then transferred me to nowhere.
I live on my own, and have never shared my challenge questions w anyone, and have changed my questions a few times since this started happening anyway. So the only way (at least from my non-techie POV) for an infiltrator to be able to change my password would be to use my email and original password, but as mentioned that SHOULD in theory mean that I would at least get a confirmation email that it's been changed, even if not actually changed by me. But I only discover the issue when App Store or the Apple server prompts me to re-log in and then refuses my password.
As mentioned, it's not like anyone is changing my password and then attempting to buy a ton of stuff from the App store or iTunes on my credit card - the password just gets changed randomly.
I find it very hard to believe that this is a hacker, unless it's a bot just testing the Apple security in preparation for a more lucrative hack attack - if it's just someone trying to hijack my account, he or she has had plenty of chances in the last 6 weeks to take advantage of locking me out of my account (if there is any advantage). I didn;t even keep ALL the Apple emails I received, but I just counted the ones I did save and since July 3 I've had to change my password over 12 times!
The prompt from Apple when I try to log in with my supposedly "wrong" password and they force me to reset is just that it's the wrong password - it doesn't say that the account has been locked due to suspected malicious behaviour or locked because of consecutive prior unsuccessful log-ins with an incorrect password. Basically just tells me that I'm so stupid I can't remember my password longer than a week, lol.
I have to suspect Apple has a problem that they are not telling us about.
Martin