You can make a difference in the Apple Support Community!
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
I am constatnly getting 'reset apple id' emails.
Yesterday I got a notification that someone in Taiwan had downloaded Throne Wars on another device not associated with my account - luckily a free download so I cahsnged my password straight away.
today so far I have had 7 emails about resetting my apple id.
Who do i report it to!? What can be done?
Thanks
Same thing happened to me.
Is this true, and if so, is it still possible?
That vulnerability was fixed less than 24 hours after it was discovered. This is not related.
+1 here too: The Panic Room: Outrage (and yes it states it in the e-mail that it was downloaded from Taiwan.
thomas_r, you're not being very helpful. I'm sure you are computer savy like many others on here but you don't have the customer service skills. Maybe you too will have this issue and will understand everyone elses pain. Everyone on this thread knows what to do, reset your password, etc. Folks are just posting the fact it has happened to them to try to get some attention to this issue.
As others have mentioned, make sure to reset your Apple ID password and I would also highly suggest removing your credit card information from your iTunes account and watch your credit card statement (pending purchases) VERY closesly. The app it purchases is free but if you look at the app in the store it has some VERY costly in-app purchases.
Today I had someone access my Apple ID account from Taiwan as well.
They only managed to get a free app game "Panic Room: Outrage."
I quickly changed my password after recieving the email that someone had accessed my account. But after I had already changed password I then only recieved the download conformation. I changed my password a second time just in case.
But as for my Apple ID account I haven't used it in years...considering I still own my original Ipod from like 2005. What I did buy from the store was around that same time. So no cards were tied to the account at all.
Quite strange that someone would hack accounts for free apps, wonder what they are doing with them. Unless they resort to that when they can't charge peoples cards.
Hopefully Apple can get onto this. At least the email warnings are decent enough for the time being.
And just for measure I figured I'd attach the e-mail of the "purchase." I imagine it only tells you that Taiwan was the location because of it not being an authorized area for your account so the notification occurs. Who knows. Pretty sure its not phishing though since the sent from e-mail isn't spoofed.
Got an email on the 27th stating that "Show of Hands" was downloaded from Taiwan. Checked the mail headers, defiantly from Apple's servers. Loaded up iTunes and sure enough that app had been downloaded on my account on the 27th.
I use pretty strong passwords (especially don't reuse PW for important accounts), keep my machines relatively locked down and regularly check to make sure my accounts -- especially email -- haven't been compromised. I haven't even had an iDevice for over a year and rarely use my Apple ID with the last login before this being around September.
A search on Twitter reveals that in the past week a number of people are reporting the same exact issue with different apps being downloaded from their account in Taiwan.
Thomas, the how is extremely important. Yes everyone should immediately follow those steps, but they are not going to matter much if Apple's system has been compromised. You mentioned brute-forcing, Apple's system locks the account after a very small number of attempts. With the number of similar compromised accounts and no reports of being locked out in just a week time frame -- I highly doubt it was a BF attack. If it was, then the attacker should be investing in some lottery tickets as he must be a pretty **** lucky person.
Ultimately, I changed my password, removed all payment information from my account and cleared out all my iCloud data. Though that's pretty easy for me to do as I no longer use Apple products.
kudos regarding looking on twitter - there are a _lot_ of people reporting the same taiwan hack on there.
https://mobile.twitter.com/search?q=apple%20id%20taiwan&s=typd
I'll see if I can tempt any of them to add their experiences to this thread: maybe we can build more of a picture.
thomas_r, you're not being very helpful.
Okay, I'm going to leave you guys on your own, then. It's obvious I'm not going to be able to help productively here. Nobody wants to hear what I have to say, and nobody is answering the questions I have asked. If pointing fingers and aimless speculation is what you guys want to do at this point, I'll step aside and stop interfering.
I was asked on twitter to describe my experiences.
I often get password reset emails from apple and just tend to ignore them until I checked the other day,
I received this email: 'The following information for your Apple ID ...... was updated on 28/12/2013:
Credit card'
obviously this would worry me, so I continued to check my emails and found another one saying this '
Your Apple ID, ....., was just used to download Pirates Journey: Into the Caribbean from the App Store on a computer or device that had not previously been associated with that Apple ID.
This download was initiated from Taiwan.'
so then I reset my password and had to check if that pirates app actually cost money because I wasn't sure if they might have paid for it with my credit card, but it turns out they just removed my credit card, if they would have added their own card I would have just bought a load of stuff with it.
Thomas. Get a thicker skin. Your suggestions have been helpful. We're not indulging in speculation, we're using the forum in the way it's intended - to share experiences of this Taiwan Apple ID issue. Not every issue is solved with a single response which then gets a kudos and gets filed. Don't get frustrated by what seems like a lack of gratitude, and bear any criticisms - not everybody responds well to efficient responses which combine good security practices into one or two posts.
Everybody else - please continue to contribute to this thread: while we know apple won't respond, I'd be surprised if they're not reading it (although - not to Thomas - I have no evidence of this), as I've quoted this thread to customer support directly, so this could be considered a petition / information resource of sorts.
Regards to _all_
Andy
Additionally - I meant "nod to thomas" not "not to thomas" - accursed typing angles
Thomas. Get a thicker skin. Your suggestions have been helpful.
I'm glad that you've found them to be helpful. I know my efforts have helped at least one person here.
Note that this isn't about thickness of skin... there are only so many times you can try to be helpful and be told to butt out before you realize the futility of your efforts. I'm simply choosing to stop banging my head against a wall.
Got this e-mail on 12/26:
Dear <firstName lastName>,
Your Apple ID, your@email.com, was just used to download BBC Sport from the App Store on a computer or device that had not previously been associated with that Apple ID. You may also be receiving this email if you reset your password since your last purchase.
This download was initiated from Taiwan.
If you initiated this download, you can disregard this email. It was only sent to alert you in case you did not initiate the download yourself.
If you did not initiate this download, we recommend that you go toiforgot.apple.com to change your password, then see Apple ID: Tips for protecting the security of your account for further assistance.
Regards,
Apple
Sorry Thomas but I believe I replied to every one of your questions in my previous post1?
I received the same email regarding a purchase initiated in Taiwan for the App "Farm-Town" on December 28. The purchase was confirmed in my iTunes account.
Your Apple ID, *********, was just used to download Farm-Town from the App Store on a computer or device that had not previously been associated with that Apple ID. You may also be receiving this email if you reset your password since your last purchase.
This download was initiated from Taiwan.
If you initiated this download, you can disregard this email. It was only sent to alert you in case you did not initiate the download yourself.
If you did not initiate this download, we recommend that you go to iforgot.apple.comto change your password, then see Apple ID: Tips for protecting the security of your account for further assistance.
Regards,
Apple
Did you get any response on an enterprise level? We appear to have a growing number of reports here.
reset apple id emails someone trying to hack my account
