New US iTunes Fraud

Had an email this morning listing purchases I had not made. Checked my US iTunes account & discovered all my credit had been used up with further purchases.
I live in the UK & fund the US account with dollar gift cards so no bank or PayPal accounts are compromised. I've now advised Apple by email & asked for a refund & changed my password.
I'm really curious as to how this happened-has my Mac been hacked, last legit purchase was to hire a movie for my new Apple TV-was it that, or is iTunes store security dodgy?
I've not lost a lot, but this is really annoying-I'll let you know what Apple say.
 
Sounds like exactly what happened to me. Apple refunded me, but made it clear it was a one time thing. They also made it sound like it was probably my fault, like I was phished or something. I'm not an idiot, I'm pretty good at recognizing phishing attempts. Maybe I did fall for one, who knows...but I still think these "hackers" are finding some other way to purchase things on other accounts. Good luck
 
Apple were really good. They refunded all that had been taken, suspended and then restored my account, all within hours of my emailing. From the advice the implication was it was my fault through a phishing scam or something but I'm pretty sure this is not the case.
My reset password is now 'strong' where the old one was 'moderate' so I reckon if the iTunes account is used fraudulently again it has to be down to Apple's security which would be worrying.
Anyway, I was really pleased with the refunds and their quick responses.
 
And the hacking continues...

My iTunes account was used to purchase apps 3 weeks ago, and my daughter's was used yesterday. We never fall for phishing or other scams, and there is no way that someone could "guess" our passwords. It is pretty clear that iTunes has been hacked (again?). iTunes response is to point the user to security FAQs, and they make no admission of security compromises. I don't believe it.
 
Another one to add to the list.
£30 of apps bought yesterday using iTunes credit I got for my birthday. I have never had anything come up to ask me for my account password other than in iTunes or App Store so it must be Apple's end.
They bought £30 of iPad apps, and I don't even have one.
My card details were also deleted so don't know if they have them or not. Can anyone remember if it shows the full debit card number or not when you access it? If not then it is OK since there is still 50p of credit left on my account and I have changed my password.

Turning out to be a bad end to the year.
Waiting for Apple to reply to my email.
 
I just had my US iTunes account cleaned out... they changed my City/State to Towson, MD 21286. I lost $60+ :(

:(:(:(


I had the same thing happen to me last night!
They cleaned out my gift card money, and changed my billing city/state/zip to Towson, MD 21286.
Is this a sign of a bigger issue, if multiple people have had it happen with the same city/state/zip on the same day?

Strangely, they deleted my debit card info while in my account, but left my password alone.
So, when I received an email from iTunes stating that my address and credit card were changed, I was able to log in and get my account back. But, now I don't trust that it is secure even with a changed password.

The thing is, I click on no links in emails, and go to no websites where I could be keylogged or phished. I am VERY wary of my password's security.
How are these crooks getting into our accounts?

I am done with iTunes at this point. No more linking a debit or credit card to it.
I just want to get my gift card money back, spend it down to zero, and then never use iTunes again.
I just can't trust their security at this point.

BTW, one of the items the hacker bought is "活出生命 Live 演唱会(Jacky Live Performance)".
So, looks like it is people in China via that not so legal version of eBay.
 
Same thing happened to me - Towson, MD and a few purchases were made, including one with Asian characters in front of it. Made off with just under $20 that was sitting in my account. I can guarantee that this is 100% not my fault (i.e., no clicking on strange e-mails, etc.).
 
Exact same thing happened to me here in the UK. Fortunately, Apple refunded the money that had been spent on my gift card within a couple of days.
 
> I have never had anything come up to ask me for my account password other than in iTunes or App Store so it must be Apple's end.

My paranoid side always wondered how hard it would be to create a fake iTunes "password" screen and have it pop up when you order an "in app" item on something. Most people don't really read or think about those screens, and just type in their password blindly. You type in your password in the fake screen, it "fails" and you think you typed it in wrong. Then they show the correct iTunes password screen and you continue from there without thinking about it.

> My card details were also deleted so don't know if they have them or not.

My recollection is that iTunes x'd out the card number (except for the last 4 digits or so). So you should be good.
 
Almost the same situation

I just created this account to share my experience after reading a few of the posts on this thread.
Before you read this and judge me or w/e:
1. I wasn't phished 100% sure
2. No one had access to my computer except me
3. I have a Macbook Pro running Leopard 10.6.5 with the latest update
4. My password is not easy to figure out
5. I just contacted Apple so I'll see what they say

So several days ago, I received an email from Apple that some of my information had been changed, but I didn't take it to heart because I took my credit card and PayPal off the account, so I thought it was a delayed email.

Then a few hours ago, I got an email about two $50 gift certificates made out to efwwe and erret - both purchased with two different mastercards.

The weird thing was that I don't have a mastercard, and I was wondering how they could charge something to the card when they still used my name in the billing information.

In fact, they kept all the information the same except for each purchase they used a different city, state, and zip code each time.

What they used:
TWELVE CORNERS, NY 14618 and WINDING LANES, CT 06001

Is there any way to figure out who it was sent to like email address or shipping address?

This hasn't affected me at all except my account being hacked but I changed the security question/answer and password and I had no payment info on the account, so I think I'm good, but it's just weird what happened...
 
Also hacked

My account was also hacked. Received a receipt for $24.95 using up pretty much all the $25.xx in my account. I had my PayPal account linked, so luckily they were not able to continue purchasing. The only thing they changed on my account was the city/state/zip to Towson, MD 21286-7840. People are mentioning something about authorized computers, but all 5 of mine are used up, so they weren't able to authorize one using my account. This has to be a hacked server issue, not a phishing scam. I am typing this email from my desk where I work at Intel! I was not a victim of a phishing scam. I still have the email from my last purchase that I made 10 days ago. My address was correct then, so it happened within the last 10 days and I didn't get any emails from iTunes, real or fake, in that time.
 
A similar situation happened with my husband's account about a week and a half ago. He had an AppleID that was automatically created when he bought a computer on the Apple online store a year ago. He has never used that account on iTunes. Someone changed the city and state to San Francisco, CA, entered in another credit card number, and purchased two iTunes gift cards for $50 each. I am confused as to why they used another credit card number?
 
This happened to me today. The app was by Lakoo, and it was all in-app purchases. Again, they used all my credit, but stopped 2p short of the limit of that so nothing went from my card. They also deleted the card details from the account.
It looks like they are making sure they only touch pre-pay credit, is that to make sure banks don't get involved?

Anyway, I've cancelled my card, and am awaiting a response from Apple about getting it refunded.
 
More fun from Towson, MD 21286-7840...

It appears this is becoming an epidemic... I recently (19 Dec) had ~ $16 of residual gift cards cleaned out of my iTunes account.

Interestingly, as best I can tell, there are only two authorized machines against my account and at the time of the access one machine was disassembled and had been for quite some time and the other would/should have been offline and was physically secure. Additionally, my password was strong enough to have resisted a brute force attack - so I think our intruder has a more elegant solution.

On the upside, Apple appears to have refunded the lost funds but has not contacted me.

Just wanted to enter my experience into the public discourse...

Cheers
 
It took them over two weeks to refund you??

Sorry that was a bit misleading - I was on holiday and didn't discover the breach until the 30th; Apple made me whole sometime late today. Apparently that is a one time deal - according to another board - if your account is hit again you are on the hook.

I know it's a ridiculous question - but does anyone have any guidance on this "towson" attack?

It appears to have persisted through several releases of OS X and iTunes - and is well documented on several chat boards. Nonetheless, I can't seem to find a single post to clue me in on how (if?) I made my machine/account vulnerable.

I don't take undue risks with my online security and I religiously update my system - so it's really disconcerting when I have to go change ALL my passwords and assume at least one credit card compromised.
 
I am also fully up to date and patched. I don't think it's a hack, maybe phishing, but I honestly can't think of anywhere I've put my iTunes password other than into my iPhone/iPad/fully up to date Mac/iTunes. Brute force hacks maybe, open wifi? Bought password lists, maybe, if you use the same password everywhere, very likely.

My advice, and what I do*, is to have a unique password for every site, that way you only have to change one. It's not as daunting as it sounds. You can use a password manager like 1Password, you can also make each password unique by using part of the URL to make a unique password.
E.g. for MacRumors you could append the first 3 consonants from the URL to your password making p45Sw0Rdmcr your unique password for this site.

*It's up to you whether or not to take advice from someone who also got hacked :rolleyes: I use(d) a less secure password that was common to other sites/forums for iTunes, because my usual password algorithm is tedious to type on an iPhone (app purchases/updates). I've learnt my lesson and now use my strong password algorithm for iTunes.
 
Over Christmas I was away on holiday without internet and so was not able to check my email and was in an area with no mobile reception. On returning back to the UK, I turned my phone on and within a couple of hours had been called by my bank and their fraud team. I found that my iTunes account had been hacked for a large amount of money, £1170.05 to be precise. I am currently in the process of getting this money refunded but am interested to know how easy it was for all of you who have had similar issues on getting your money back! Was also wondering if anyone else had been taken for a large amount?

Cheers

Ed
 
Where to start....?

I had an email from iTunes last week which was a receipt for a £10 gift sent to an obscure email address.

Now, I'd not logged onto iTunes for about 3 weeks, so I emailed iTunes to alert them to a possible fraud. I picked up the email whilst I was at work, so I walked across to the bank and cancelled my card... To my surprise a further 15 £10 unauthorised payments were showing as being earmarked to come out of my account.

I eventually had a reply from an iTunes representative who claims no payments at all have been made from my account (not even the first £10 that I have the iTunes receipt for!), and that it was without a doubt, a card fraud, and not my account that had been compromised.

My first rant is, why can you not speak to someone at iTunes about a fraud?

Secondly, why wasn't this activity flagged by iTunes? (Purchases completely out of character to my historical purchases)

Thirdly, why do iTunes completely bury their heads in the sand, denying all knowledge of the fraud, when I now have it confirmed that all 16 payments were made through iTunes.

Something to alert you further, you can buy hacked iTunes accounts from a certain Chinese website!
 
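The sequence posters in this thread report (billing address changed, card sometimes removed, stored credit spent almost to zero, the same ZIP code recurring across accounts) is the kind of activity the post above asks about flagging. A sketch of such a check, added here as an example that is not part of the thread and not Apple's logic; the event names, fields, thresholds and sample records are all constructed assumptions:

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events, not real data: (time, account, kind, detail).
EVENTS = [
    ("2000-01-03T02:10", "acct-a", "address_change", {"zip": "21286"}),
    ("2000-01-03T02:11", "acct-a", "card_removed", {}),
    ("2000-01-03T02:15", "acct-a", "purchase", {"amount": 24.95, "credit_before": 25.40}),
    ("2000-01-03T03:40", "acct-b", "address_change", {"zip": "21286"}),
    ("2000-01-03T03:44", "acct-b", "purchase", {"amount": 19.00, "credit_before": 19.90}),
    ("2000-01-03T05:02", "acct-c", "address_change", {"zip": "21286"}),
    ("2000-01-03T05:09", "acct-c", "purchase", {"amount": 60.00, "credit_before": 61.00}),
    # Benign case: a user moves house and buys one song from a large balance.
    ("2000-01-03T09:00", "acct-d", "address_change", {"zip": "94103"}),
    ("2000-01-03T09:30", "acct-d", "purchase", {"amount": 0.99, "credit_before": 50.00}),
]

def drained_after_change(events, window=timedelta(hours=24), drain_ratio=0.9):
    """Flag accounts whose stored credit is mostly spent soon after an address change.

    Returns {account: {"zip": new_zip, "card_removed": bool}}.
    Assumes every purchase is paid from stored credit (a simplification).
    """
    state = {}  # account -> tracking data since its latest address change
    hits = {}
    for ts, acct, kind, detail in sorted(events, key=lambda e: e[0]):
        t = datetime.fromisoformat(ts)
        if kind == "address_change":
            state[acct] = {"at": t, "zip": detail["zip"], "spent": 0.0,
                           "credit": None, "card_removed": False}
            continue
        s = state.get(acct)
        if s is None or t - s["at"] > window:
            continue  # no recent profile change, so nothing to correlate
        if kind == "card_removed":
            s["card_removed"] = True
        elif kind == "purchase":
            if s["credit"] is None:
                s["credit"] = detail["credit_before"]  # balance at first purchase
            s["spent"] += detail["amount"]
            if s["credit"] > 0 and s["spent"] >= drain_ratio * s["credit"]:
                hits[acct] = {"zip": s["zip"], "card_removed": s["card_removed"]}
    return hits

def shared_destinations(hits, min_accounts=3):
    """ZIP codes that several drained accounts were all changed to."""
    by_zip = defaultdict(set)
    for acct, info in hits.items():
        by_zip[info["zip"]].add(acct)
    return {z: sorted(a) for z, a in by_zip.items() if len(a) >= min_accounts}

if __name__ == "__main__":
    flagged = drained_after_change(EVENTS)
    print("per-account hits:", flagged)
    print("shared destination ZIPs:", shared_destinations(flagged))
```

The per-account rule alone would also fire on a legitimate user who moves and spends a gift card the same day; the cross-account grouping by destination ZIP is what separates that from a campaign.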
Guess I shouldn't be surprised that my details were changed to Towson, MD 21286-7840, huh?

This morning, they stole $33.88 in credit buying games.

I've worked in counter-cyberterrorism and critical infrastructure assurance. My password was a randomly generated 8-character alpha-numeric string. (A real pain in the butt to type in on an iPhone, let me tell you.) The email address on file is from my self-hosted domain. I am certain that I did not fall for any social engineering or phishing scams.

I'm more than a little hot around the collar to find that Apple still doesn't have a contact number for the iTunes Store, considering the volume of revenue.
 

I'm putting my hand up as another who has had their account drained ($350) and address changed to Towson, MD 21286-7840.

All the purchases seem to be in-app ones through a Chinese language gambling app.

My machine is locked down and interestingly as others have said the last thing I did was rent a movie on my AppleTV.

Still waiting for Apple to come back to me.

I suspect this is connected to the Chinese site which was selling Apple IDs a few weeks back. Apple obviously did nothing about it when it was brought to their attention.
 
Hello guys. I have developers working on my applications and they have access to my iTunes account. I do trust them but the fact that they have access to my iTunes account sometimes makes me worry. I have a credit card connected to my account.

Will my developers be able to buy anything from Apple Website without me knowing it? Aside from apps? For instance iPhone, iPods, MacBooks?
 
Sorry to bring back an old thread but I have joined the ranks of having my iTunes account hacked. Got an email receipt this morning and immediately opened it as I have not bought anything on iTunes for a week but I was window shopping last night and thought maybe I accidentally bought something. The receipt was for 9 apps that I can't even tell you what they are as the names are in Chinese and I am very much American.

I immediately logged in my iTunes and changed my password and tried to delete my debit card from the account but it had already been deleted. I never received the "your account details have changed" email others have gotten and I know it was on there as recently as Sunday as I got my phone replaced that day and had to verify my security code on my card authorize iTunes on the new phone. My address, phone number and other info were unchanged.

All they got from me was the 9 apps on the receipt from what I can tell and that's probably because I had only $10 store credit.

What really concerns me is that I changed my passwords for everything on Sunday when I had my phone replaced because the old phone would not allow itself to be wiped and the genius just powered it off and said they would have to wipe it via iTunes or whatever later. Still I changed everything just in case the old device fell into the wrong hands. I've had the old password for years and I finally change it and I get hacked 5 days later? I never even enter it on the computer. I do everything having to do with iTunes via my iPhone other than syncing the phone to backup, so now I have concerns that maybe my new device has issues?

Anyways I have "reported a problem" and sent a lengthy email to iTunes support so hopefully I can get a refund. I seriously hope they don't try to act like it is my fault because I have no idea how it could be.
 
What if I made a purchase on my iPhone downloading an app but never got charged by Apple? I downloaded an app a few days ago and nothing has shown up on my online account management for my credit card. I guess this is the opposite of what everyone else is experiencing.

And my iPhone is jailbroken if that matters at all?
 