iTunes Account Hacked
I received an email this morning from apple saying that my account information had changed (specifically, my address and credit card). Since I didn't make any changes, I logged into iTunes from my phone and saw that my credit card information had been erased and the City and State of my address had been changed to Towson, MD. I promptly changed my iTunes password, and contacted my bank to cancel my credit card. I also contacted Apple to report the issue.
And it appears that there were at least two additional computers linked (authorized) to my iTunes account that were not authorized by me.
In doing research, I came across a support forum on Apple's site. It appears that there have been a number of these instances, virtually identical to mine, over the past few months. Fortunately, it looks like I got lucky and didn't get hit with any charges. Some folks got hit with hundreds of dollars in fraudulent app charges.
I guess I just wanted to put it out there and make sure everyone knows what's going on. Might not be a bad idea to check your recent purchases and make sure nothing looks goofy.
Last edited by Jemjee; 02-24-2011 at 04:00 PM.
- 02-24-2011, 02:50 PM #2
- 02-24-2011, 03:12 PM #4
A hack like this would be a big deal. Apple would have to notify people that their accounts were compromised.
Phishing isn't just email anymore, it's every where. They don't even need to enter data anymore, they can glean enough information to guess passwords and you never even know it.
True enough. But semantics aside, I was just trying to be a good forum member and keep people informed.
Here is the link I found on apple's site. It's just creepy that this is going on and apparently apple doesn't seem too interested.
Apple - Support - Discussions - iTunes store account hacked ...
- 02-24-2011, 05:29 PM #6
- 02-24-2011, 06:12 PM #8
Thanks for posting Jemjee. There are people on here that need to know that this can happen to anyone. Be diligent about checking your account and make sure your password is strong, and never click a link on an email.
- 02-24-2011, 08:51 PM #9
don't you guys get invoices for your purchases to your email? I wont for sure say the person was phished there are so many things that may have happen. They could have used a simple password, not uncommon. There might have been someone somewhere watching over the person's shoulder as they entered their password. It could be an old computer with the details still on it. There are just too many possibilities. Just make nice complicated passwords and don't enter it when others might see it. You could have invoices sent to you whenever something is bought.
- 02-24-2011, 10:42 PM #10
I'm not an expert or anything but I will say from all the awareness and trainings I have to sit through for the feds each year things have changed in the past few years with what they show us. They are far more concerned right now with phishing than hacking into their systems. It's much more than a badly worded email telling you that your ebay/paypal account has been frozen and to get it back you must update your information through the link they give you. With social media sites it's even easier for an attacker to slowly gain small pieces of information about a target and over time they have enough to build an attack to crack a password pretty easily. (I am sitting here rereading this and thinking how lame it is I've actually paid attention in these snooze fest trainings.)
Trust no one.
- 02-27-2011, 10:42 AM #11
- 02-27-2011, 03:52 PM #12
I was curious do you use wifi hotspots, coffee houses and hotels? I was wondering if when you are on some open wifi, and open iTunes, if your account and password can be read while iTunes is logging in?
- 02-28-2011, 04:32 AM #14
- 02-28-2011, 07:23 AM #15