
Kognito

macrumors regular
Original poster
Jul 27, 2011
I'd seen this happen quite often back a year or two ago and now, I guess it was simply my turn.

I got an email this afternoon from Apple reporting that an app had been downloaded on a device not previously associated with my ID. I immediately checked iTunes and sure enough, there it was downloading thanks to auto downloads.

I was hoping it would be an error but I went onto the Apple ID management site and changed my password anyway. Then, minutes later I got another email saying that this time a purchase had been made on a device that had not been associated with my ID before. Sure enough, the £35 I had left on my account from a gift card had been reduced down to £3 thanks to 3 in-app purchases.

To cut a long story short, I've spoken to Apple and they're refunding the money. I just wanted to know if anyone had any more information on this? I mean, I'm not an easy target in terms of passwords and account security. My password was nothing that could have been guessed, no one knows it but me and the other places I use it are secure sites, so how has someone in China managed to get into my account? Surely there must be a security vulnerability in the Apple ID system for this to be happening?

This is the app that was used to make the purchases: http://itunes.apple.com/gb/app/wen-ming-fu-xing/id467940664?mt=8

I can't help but think that the app developer must be a part of this and it all seems to add up. The in-app purchases would have sent the money straight to the developer. The app has a number of add-ons available at varying price points in order to get the most credit possible from an account. I very much doubt it was some kid actually buying stuff to use in a game, particularly as he bought the same thing twice. The developer only has the one app on the store for which I can't find any reviews...
 