Apple confirms 400 iTunes accounts hacked

July 7, 2010, 10:29 AM EST

Apple has confirmed that around 400 iTunes users had their accounts compromised over the weekend in an elaborate scheme to manipulate the App Store rankings. The company said in an emailed statement that Thaut Nguyen and his apps have been "removed from the App Store for violating the developer Program License Agreement." The Vietnamese developer allegedly used other people's accounts to purchase his own apps, at one point occupying 42 of the top 50 book apps sold.

According to the folks at Cupertino, App Store servers were not compromised in any way, so it's likely that affected users were victims of phishing, guessed passwords and other sorts of social engineering techniques. The company said that less than 0.0003% of iTunes users were impacted and assured that Nguyen, like any other developer, didn't receive any confidential customer data when apps were downloaded. Nevertheless, Apple advised users who suspect that fraudulent purchases might have occurred with their accounts to contact their bank, cancel the credit card in question and change their iTunes password immediately.

In response to the incident, Apple is reportedly tightening security on App Store purchases -- basically, you'll be prompted to enter your credit card's security CCV number a little more often. This is certainly not the first time that users have had their iTunes accounts compromised as a result of phishing scams, but it's one of the first reported cases where an app bought using other people's accounts has dominated the charts. The incident has put fraudulent activity on iTunes into the spotlight, with reports emerging about alleged "App Farms" being used to scam users out of their money.

User Comments (14)

paynetrain007
on July 7, 2010
10:35 AM
Apple would put all the blame on the user... If it was all just phishing we would be seeing this large scale in almost every online market, but we don't.

burty117
on July 7, 2010
10:59 AM
Actually it's quite small considering there are over 150,000,000 accounts and only 400 got hacked, so actually I kind of believe Apple in this respect.

I know Apple are masters of deception but I really doubt they want or are encouraging accounts to be hacked etc., especially as they don't like to be known as "hackable"

Really for Apple, this is a big step for Apple in accepting they are sometimes wrong and can be aimed for attack just like everyone else.

Vrmithrax
on July 7, 2010
11:41 AM
400 is a relatively small number when compared to the total number of accounts, but it's not a small number. The thing is, hackers like this guy are smart - if they are smart enough to get the info they need on accounts, they are smart enough to keep things on a small scale and try to stay under the radar. You start making massive moves on a grand scale, and you get very VERY large dogs hunting you down, and the penalties for being caught multiply exponentially.

The problem is, this guy was smart enough to keep the number of accounts to hack small, but not smart enough to judge how his app purchases would rocket up the app store charts and raise a red flag. He either got too greedy, or massively over-estimated the sales of other competing products, which left him standing out like a sore thumb.

It's a mistake to just shrug it off and say "it was a small number" here, because odds are good that it could have been a MUCH larger number of hacked accounts if the intent and will to risk the consequences had been strong enough. But, of course, you'll never hear that from the likes of Apple, they will just fluff unicorn farts and rainbows out at the public, while keeping secret just how severe any holes in their security are. Not saying that Apple is unique in this, nobody would want to hang their laundry in public view if it's full of stains and holes.

TomSEA
on July 7, 2010
12:12 PM
LOL...you do have a way with words, Vrmithrax.

kyosuke
on July 7, 2010
12:42 PM
... So do the users get their money back?

So it is the users' fault for iTunes getting hacked, let alone Apple didn't find it weird that 400 users were buying the same App with the same IP address?

Guest
on July 8, 2010
3:39 AM
umm
that's an oxymoron:
Apple Security
sounds like the old one:
Internet Security

SNGX1275
on July 8, 2010
4:13 PM
Apple didn't get hacked, Guest, people's passwords either got guessed or obtained through social engineering.

Guest
on July 14, 2010
5:54 PM
Oh yeah you can get your money back only after iTunes tells you to call your bank and your bank tells you to call iTunes.....then your bank will tell you that you have to have a police report of how much and all that......now it's going on a week and just finally got the police report and now the bank will file fraud charges and get it back hopefully.......DO NOT STORE YOUR CREDIT CARD IN ITUNES and change your password like at least once a month.....I don't know if it will help but I cancelled the card they charged that I didn't even have stored on iTunes so I'm thinking maybe I'll be safe?????

Guest
on July 25, 2010
3:45 PM
My account was one of the "400" that was hacked, and it was done via password guessing (even though my password was significantly more complex than the password that Apple gave me when they restored my account - "apple0710")

My credit card company canceled my account and reversed all the charges, but Apple refuses to restore my iTunes balance that I had from some gift cards that I had gotten.

I find it amazing that their security is so weak that someone can guess the password on so many accounts all at the same time, and then when it happens they just refuse to do anything about it.

I will never buy another Apple product.

jobeard
on July 25, 2010
10:46 PM

"I find it amazing that their security is so weak that someone can guess the password on so many accounts all at the same time,"

It's called a dictionary attack; given an account login, the cracker just starts throwing words into the password until success.

Everyone recommends we should never use

1. personal data
   - names
   - addresses
   - birthdays
   - age
   - or any combination thereof
2. words in the dictionary

but rather we need to use a combination like

- UPPER case & lower case letters
- two or more numbers
- at least one special character in the set {@#$%&*_-=+}
- and a total length of eight or more

Guest
on August 18, 2010
3:14 PM
400 Accounts? I think they need to recount. My account along with many others were attacked today and it looks like the attacks have never really stopped.

SNGX1275
on August 18, 2010
10:58 PM
Perhaps you should use a decent password.

captaincranky
on August 18, 2010
11:05 PM
If your iTunes account gets hacked and your songs get stolen, who will the RIAA sue for copyright infringement, you, you and the hacker, or just the hacker? Perspiring minds want to know...

Bonus question: "If an airplane crashes on a state line, in what state do you bury the survivors".

red1776
on August 18, 2010
11:20 PM
"I'll take airline crashes for 100 Bob"

Bonus question: "If an airplane crashes on a state line, in what state do you bury the survivors".

well you would take them back to their home towns of course and.......Oh!....you fooler!
