So I get an e-mail from iTunes today stating that an episode for my new season pass for “Sophie” has arrived. The first thing I thought was that I accidentally clicked “buy season” when I downloaded the free pilot last week. But when I check the receipt I see six other items (in addition to the season pass) totaling $61.93! Not only that, I see another order for $5.97! Not a chance that I placed these orders (FYI, the orders were placed at 1 am and 5 am).
Here’s the really strange part:Almost all of the purchase was videos (tv, movies, movie rentals) and I think those kinds of videos still have DRM in them and no additional computers were authorized. What good are these to anyone if they didn’t authorize a computer? Can they even play them? Wouldn’t it have been easier to have just downloaded torrents of these files? These oddities make me think it’s an accounting error.
So I had to “report a problem” to Apple/iTunes for each of the 10 individual items. The e-mails went something like this:
I did not place this order for any of the 3 items on this order. Nor has my computer downloaded these items. It’s order XXXXXXXX I also have another order from today (ZZZZZZZZ) that I did not place.
I’ve changed my password as a precaution. I also tried to play some older protected/DRM’d music and it still plays (so I’m guessing if someone hijacked something they didn’t deauthorize my computers).
Gary LaPointe (phone ###-###-#####)
PS – These purchases don’t even meet my normal purchasing patterns.
My responses appear to be identical other than contact info (and I only got one response for each of the two orders):
Dear Gary,
My name is Jane Doe with the iTunes Store. I’m so sorry to hear of the unauthorized charges made with your iTunes Store account. I can certainly appreciate your concerns, and will do everything I can to assist in having this resolved.
With regards to financial reimbursement for the charges in question, these would have to be removed by a specialized team, designated to handle requests of this nature. I would urge you to contact your credit card company as soon as possible to inquire about canceling the card and removing the unauthorized transactions. A member of your credit card’s fraud department will contact the iTunes Store directly, and this team will resolve the issue. I apologize that I’m unable to remove the charges myself, but all unauthorized transactions must be handled in this manner.
If you suspect you are the victim of identity theft, please consider following these recommendations:
(they then gave 14 lines of tips that I cut out)I sincerely hope that you are able to resolve this matter with the help of your credit card company, as soon as possible, Gary. Please let me know if I can be of any further assistance.
Sincerely,
Jane Doe
iTunes Customer Store SupportPlease note that I work, Sunday, Wednesday, Thursday, Friday and Saturday, 12:30 PM – 9:00 PM this week
The identity theft issues don’t even make sense. Why would someone steal my charge card number and log into my iTunes account? The CC number won’t even get them into my account and if they had a CC number, they could just create their own new account and I wouldn’t have know about it for days. And Apple doesn’t display the account number. I’m thinking, it’s an accounting or some bits on the web got mixed up. And the responses were generic enough where I’m not 100% sure they read the post.
I did notice they they did include their working schedule, which was even evdifferent for the two different people who responded (neither of whom were named “Jane”), it’s a nice touch but they both had the same return address (although the “follow-up” code could possibly redirect it).
I responded with:
Jane,
I will have my charge card company dispute/remove the charges as you said to do below. I have changed my password.
I have four (4) questions below in bold.
Unless I’m mistaken, they only gained access to my iTunes account. They don’t have my charge card number, iTunes doesn’t display the number for them to see, correct? A charge card number will not get them into my iTunes account. If they actually have my charge card number, I’d think they’d charge more than $70 of music/videos and
So this is either someone guessed my password (which was letters, numbers and non-alphanumeric characters) or some data packets got mixed up as someone else was placing their order. Since I have the two authorized computers in my possession and I know no one else was here using them, I’m assuming the latter.
Can someone actually download songs/videos to a non-authorized computer if they guessed my password?
Since videos still have DRM, someone wouldn’t actually be able to play them, correct?Someone at the iTunes Customer Store Support can’t actually intervene in some way, at least to stop someone from downloading the season pass?
If it’s just an accounting error, it’s still going to download the season pass to my computer the next time I purchase a song.Without my new password I’m assuming someone cannot download more of the season pass. I don’t even see how they could have in the first place without authorizing a computer.
Thank you,
Gary
And I can’t even dispute these charges yet since they haven’t fully been charge to my credit card company yet.
If anyone from iTunes/Apple is reading this and wants to fix this. You can leave a comment below or contact me directly.
UPDATE:
Wow! Lots of people with similar problems these last few weeks (see comments below), but I’m the only one that didn’t seem to have gift cards purchased on my account.
So it looks like my charge card is refunding the two dollar amounts to my charge card. This is contingent to Apple not disagreeing with my claim. FYI, after I said it was kind of stupid that they weren’t going to cancel the season pass since I was disputing it and they were still delivering the shows, Apple did contact me to say they would refund the rest of the season pass (right around the same time).
PS – It appears the Apple does not allow you to cancel a season pass! This is insane, it’s to their benefit to get you to subscribe, the fact that you can’t cancel is a non-motivator. Obviously if it was a discounted season pass and you canceled it, you’d pay the full price for episodes already received. Just seems like an obvious solution.
I still don’t understand what they are doing with these iTunes protected movies/shows if they can’t play them? Why not just download torrents off the ‘net if they are going to steal?
MY UPDATE: I got Apple to cancel the season pass and I did get my money refunded from my credit card company. It was confusing the way it cam through, I might have actually gotten credited from the rest of the season too (so I might have come out ahead, but after all the e-mails/contacting, I’m sure I ended up way behind).
A news station is doing a story on this and was looking for some people in the Boston area. If you are interested in being contacted please state so in your comment. I’ll pass your e-mail on to them. If you put your phone number, I’ll pass that on too, but I’ll delete it from the comment (if you’ve never commented before your comment should not appear until I approve it). Sadly I never heard any more details about the Boston story after forwarding details to them…
fight fight fight!!
Don’t let the man win!!
My account was also hacked into today. Two gift certificates for $50 each were purchased. I have had my bank cancel the card to prevent any further issue, but I am anticipating not getting much help from Itunes. I will dispute the charges through my credit card but feel like Itunes should have a better answer to issues like this. In my case I figure the gift cards have serial numbers so Itunes should be able to track them and disengage them to prevent their use.
This happened to me today as well! Someone purchased 2 gift cards off of my account, and no one, and I mean no one has access to my computer with my iTunes account on it. I cancelled my credit card, I tried to contact iTunes, but can only do so through chat. I left them a message that unauthorized purchases were made from my account, and have yet to hear back from thenm. I’d be interested to know how someone hacked apple.
Wow, that is really weird. And I definitely don’t like hearing that it’s happening to other people. I’m going to change my password tonight.
same here…there is a pattern. Two gift certs. for 50 each…Bank told us to deal with Itunes. Itunes is yet to get back with us. Why is there not a phone number for issues like this where someone could be using the gift cards right now while we wait for Itunes to get back to us?
I’m just reporting it to my charge company as charges I didn’t make.
I’m making it clear I don’t think my charge card number was compromised, just that Apple goofed up some charges. I don’t know really have any more facts than that.
Anything else seems like it might complicate the issue. They’ve pretty much always backed me up before.
Recently I’ve been having issues with safari. I was not able to load it. Today I clicked on itunes to add music to my iphone and i was not able to get into my account. No purchases were made on my credit card because i have a hold on my credit card but the hold was taken off today. Should i cancel my card?
Same here, two $50 gift cards and itunes told me to work with my credit card company. I’ll post any updates.
Ditto – 2 gift cards for $50 each. Started a dispute with iTunes and canceled my CC. I’m disappointed to hear that iTunes/Apple is not being very responsive. This is there issue…not the CC company.
Wow, yeah trend indeed. I was hacked on Friday apparently, but found out last night after an additional $30 worth of movies were bought ($49 on Friday). Blocked my CC, getting a new card. Funny thing is, I changed the PW last night, then this morning there were attempts on my account to change the PW again (but the emails went directly to me). I changed it again after my last change stopped, then my account ID ceased to exist. I don’t know what’s up, but I HIGHLY urge any of you to take as much needed action as possible.
If the bad guys did get into your account, you may want to change your password reminder too. And you might want to change other accounts where you use the same reminder with the same password or e-mail…
More info: (I reposted this at the bottom of my original post above).
So it looks like my charge card is refunding the two dollar amounts to my charge card. This is contingent to Apple not disagreeing with my claim. FYI, after I said it was kind of stupid that they weren’t going to cancel the season pass since I was disputing it and they were still delivering the shows, Apple did contact me to say they would refund the rest of the season pass (right around the same time).
PS – It appears the Apple does not allow you to cancel a season pass! This is insane, it’s to their benefit to get you to subscribe, the fact that you can’t cancel is a non-motivator. Obviously if it was a discounted season pass and you canceled it, you’d pay the full price for episodes already received. Just seems like an obvious solution.
I still don’t understand what they are doing with these iTunes protected movies/shows if they can’t play them? Why not just download torrents off the ‘net if they are going to steal?
Wow- Itunes better do something about this because it happened to me too. I noticed because it overdrew my account. They only purchased one $50 gift card but since there wasn’t money to buy two maybe thats why they only bought one? Seriously- if you’re gonna steal something why on earth would you choose songs?? Get a life.
The same thing just happened to my brother. He got charged for 2 $50 gift cards. I’m curios because it’s my computer he uses and I don’t know how they got to him.
I also had two gift cards charged to my account. And the strange thing is I just checked my other credit card–one I never use for i-tunes and it has two one dollar pending charges from itunes–Very strange–and scary!!
I am glad I found this website. The exact same thing happened to me (two $50 gift cards were purchased under my account). Apple told me that my bank needs to contact them directly in order to dispute the charge, and my bank doesn’t believe that it is a fraudulent charge. I sent another email to iTunes Support and gave them a link to this web page. Hopefully they see that a lot of people are having the exact same problems, which means either a very methodical criminal or some sort of software problem on iTunes’ end.
Hopefully we can all get this problem resolved, and soon!
I just found out on the weekend that my ITunes account was hacked also, in 8 days the hacker ran up about $900Cdn. I have cancelled my credit card, changed my login and password on ITunes and took a sledge hammer to my IPod touch. I’m going back to FM Radio and cheque writing! The fraud department for my credit card is investigating. I would suggest that if you have an alert program available for you on your credit card that you activate it immediately. When you purchase anything through Apple using your credit card check after you order to ensure that your credit card info is not stored on your PC and also that you know how may PCs are authorized to use your account and that in fact they are authorized.
I just wanted to chime in and mention that the exact same thing happened to me today. 2 unauthorized charges of $50 for gift cards.
I’ve since changed the password on my iTunes account, removed my credit card from it and had my bank disable my debit card and send me a new one. Any other suggestions as to what to do? I’m pretty sure whoever did this won’t be able to access my actual bank account, seeing as they would only have my debit card number and not have access to the actual checking account number, correct?
Gary, I had a season pass and several songs downloaded to my iTunes account as well. I have emailed Apple, but no reply in three days. I have filed a dispute with my credit card company as well. My question….how do I remove these items from my download file? I do not want to download an entire tv season worth of shows in order to delete them from my account….is there another way to do this?
Thank you. So glad I found all the postings here.
Same thing happened to me today. One $50 gift card. iTunes was no help, I’m filing a dispute with my bank and will hopefully get refunded. Changed my password and took my card off my account. Really annoying! I’m going to amazon.com for future digital purchases!
Me too. I had a £30GBP gift card bought. Only noticed when I was updating my iPhone apps, and a message came on my screen in Japanese. Logged on to the computer and found my address had changed to Japan, but the secondary email account was based in China.
Same exact situation as others: 2 $50 itunes gift cards purchased using my account. WTF? This is a whole new level of bizarreness.
I had a similar problem right before Christmas. I reward my daughter for doing chores 3 songs a month off ITunes. Sunday she had got her reward of 3 songs and where purchased. On Monday I got my in my email and saw 3 songs where purchased along with 5-$100 gift cards purchased (purchased separately) within a minute after the song purchase.
When I contacted ITunes they had me call and cancel my CC. Which I am the same page as you I really didn’t think that was necessary, they didn’t have my CC # they hacked my ITunes account and you can’t see my CC#. My biggest issue with this whole ordeal is at that time before Christmas they canceled my ITunes (Apple) account. Which means the next time I burned a disk and uploaded the songs to my daughter Ipod all my purchased songs where disabled.
Now how did they get my account to try to purchase gift cards?
They can’t do it with the CC#, so canceling credit card was a hassle and waste of time, but necessary to get the charges taken off.
So the next option is that they got my account with a key logger. Well I run McAfee with firewall up, windows firewall, and my Linksys router has a firewall. I have run scans of my hard drive of inappropriate software on this PC and found absolutely nothing.
My conclusion is that Apple (ITunes) is not secure website and have holes in their security and are compromised on their end.
This blog has kind of verified what I have thought for months and wish I could prove.
I have had the same unbelievable experience with itunes. What’s unbelievable is that they are able to hide behind “legal” protection to sit and watch while their site is continually hacked into and account information stolen. I had gift cards charged to my debit account and have had the same experience you describe above. Itunes absolves themselves of ANY responsibility and takes the stance that I must have had my debit card stolen somewhere and the person decided to only go to itunes to buy some gift certificates. It is limited to ITUNES ONLY. I have no other unauthorized charges. It is beyond obvious someone was able to hack into my itunes account and charge gift cards for themselves. Itunes wil not help me track who it is, get my money back but rather sends me sugary sweet form letters letting me know how sorry they feel for me and it’s not their problem, call my bank. Someone please tell me how they’re getting away with this? I guess it hasn’t hit enough people to be an outrage yet. The injustice of this is incredible and what’s more incredible is that ITUNES is bullet proof.
Wow…it seems there is a pattern to all of this. I have had the exact same thing happen to my itunes account. 2 50 gift certificates, and the exact same emails from apple. I’m wondering what systems people are using? I am using a Mac and was under the impression that there was really no key-loggers out there that made mac’s susceptible. does any know if there are?
Hey, i found this website actually searching for something else but the same thing happened to my friend about a month or two ago. His account got hacked into including a password change, and he had around $50 of charged items, although he eventually found out his cousin had hacked into his email and changed his password that way and bought music and movies. Being someone who prevents hacking really well, Its not itunes that gets hacked. Its email accounts. OK BACK TO WHAT I WANTED TO SAY. Well Recently if anybody ever looks at Craigslist, because i go on about every day to find music equip., you’ll notice alot of people selling $200 giftcards for like $100, 150 for $**.00, 100 for $**.00, and so on and so on. and theres also people selling multiple $50 cards and such. I’ve always thought it was strange how people would sell such high priced itunes cards for cheap. But maybe it has something to do with all these people getting their accounts hacked?? I just took off my credit card from itunes after reading this. I plan on going to buy a prepaid credit card and putting money on it when i plan on buying things. I would recommend alot of people doing that as well. Its fail-proof. I mean you may lose out 20 bucks or however much you put on it but it saves the hassle of going through itunes and your credit card companies.
Same here – I have removed my credit card from iTunes. When I reported the problem, they very sweetly told me there was nothing they could do. Their system can track you all over the place, but they can’t track who is using stolen gift cards?
Add another victim to the pile. Luckily I had my email open, so the notifications popped up immediately. Sure sounds like there’s some kind of exploit out there, though. Funny thing is – I haven’t even signed in to iTunes for at least a month. Sounds to me like they’re hacking something on the Apple end of things.
Add another victim. I also had email open. I was hit for 2 $50 gift cards and have removed my credit card from the account. I think Apple iTunes accounts are getting hacked, not my email. Major headache with my credit card company all day today. Yuck!
i woke up this morning to find that i had 2 receipts for $50 each for gift cards made out to random letting for names to my bank debit card. the same card i used to purchase items through itunes which is stored on my itunes account.
i contacted apple and they have stated that they will forward this to the correct dept and will contact me within 24hrs.
i have also contacted my bank and canceled my card, which i have to wait up to 10 business days to receive a replacement/new card. my bank had instructed me to have apple call them to reverse, apple states to have my bank call them to remove/reverse the charges made.
after doing a few simple searches on this occurrence online, i find that there are others that have gone through this and some saying that apple will not reverse the charges.
apple’s customer service has stated to me, upon being asked, that the cards have not been used. i then asked why can we not just cancel these cards and refund my bank the charges? i was then stated it was being handled according to apple’s company policy. i also asked as to where these charges where being made from cause i was suspecting that apple’s secure account information server had been compromised and/or hacked. it was then stated to me that they cannot release this type of information.
now, i fell asleep watching videos in bed on my laptop last night. woke up and checked my emails, still in bed, when i noticed the 2 receipts for the $50 gift card charges. i immediately jumped out of bed and began contacting my bank and apple.
i found a reporter for FOX on another website stating they are looking for similar stories to do a report.
you can contact this reporter for FOX who is looking to cover this on national television.
there email is: ray.parisi@foxtv.com
i also reported this on GetSatisfaction.com
where over 225 people are just reporting the same problems.
follow up:
apple has stated that they WILL NOT reverse the charges even though the charges have not cleared my bank account.
also, my bank has stated to me that they cannot prevent these charges from going through and that i must wait for them to clear to dispute them because apple will not speak with them to provide an authorization code to cancel the fraudulent purchases. if apple cannot prove i authorized these purchases i would be reimbursed.
the only problem is that when i agreed to keep my financial information in itunes to make purchases, i had already agreed to future purchases made through that account.
apple has stated to me that they cannot reverse purchases for gift cards due to not being able to cancel a card that is already out and about.
but the thing is that these cards where purchased online (apparently) through my itunes account and they have a number to track them by. so why not just put a stop to them?
Happened to me last night. Two 50 dollar gift cards. Apple told me to contact my bank. All I can do is wait for my bank to investigate it cause apple isn’t going to do anything about it. I think it would be smart to contact the news media about this problem. There are A LOT of people with this same issue.
oh my goodness, I have also been hit with the 2-$50 dollar cards today. Reading all your comments, I’m guessing I will be hearing from Itunes soon and contacting my bank to try and get a new card, or get the charges dropped.
I also had 2 unauthorized $50 gift certificates charged on my account over the weekend. Getting a non-response from iTunes. I searched the web and this site in the only one I found. Does anyone have any other resources on this issue?
Thanks,
m
Wow, this happened to me today. Oddly enough: it was done two hours BEFORE I purchased a song! This was for one $50 gift certificate. This was a “print” certificate, whatever that means. And the line-item in the receipt from Apple states “Gift certificate for (MY ITUNES PASSWORD WAS RIGHT HERE!)”
Apple’s support rep in their live chat, obviously, could only confirm that the certificate was activated to another account, and could not give me any information on that account for privacy reasons. Hah! Privacy, right?
I am not certain if I’m safer because my account is linked to PayPal. My PayPal balance is 0 and is set to take money from my bank account. I’ve heard both sides of the debate on their customer service. My PP password is different. Whoever got my iTunes password has no access to my CC#. I changed my PayPal password and security questions anyway, as well as my iTunes password and security questions. I have opened up a complaint on the transaction, and am a little leery if anything will be done. I have had a previous problem with another online vendor, and my bank swiftly and quickly took care of it for me. If PayPal won’t help, I have more confidence in going to my bank about it.
This morning, May 27th I received an I-Tunes receipt for a $50 gift card. The explanation on the receipt said “Gift Certificate for sunset” This is important because “sunset” was my password at least until I received this email. I changed it and removed my card info from my ITunes account.
I immediately contacted I-Tunes thinking they made some kind of error and was only able to “chat” online, but no sooner than I mentioned the charge, they told me there was a fraud investigation going on regarding the transaction. When I asked who initiated the investigation they said they couldn’t tell from the notes on my account, but it was probably my bank. I purchase quite a bit from I-Tunes and I would find it very strange that my bank would randomly take exception to a transaction like that. I called my bank and they said they did not report or begin a fraud investigation. They checked my account and saw the pending charge. The bank rep said that for some reason the transaction just didn’t post and most likely it was on the vendor’s say so, in this case, I-Tunes. Chatted again with another I-Tunes rep who advised me to cancel my credit card. I really don’t think it was my card information that was hacked, but I-Tunes themselves and they don’t want to admit it because it would mean they would actually have to DO SOMETHING.
Christina, and others (if they’re reading this as the last message is a few weeks old), please keep us updated on what happens with this, either with your bank or with Apple/iTunes. I’m checking my various accounts, my bank account, PayPal, and waiting for PayPal’s complaint cycle to complete.
I had two iTunes charges on my debit account, one for 9.99 and the second one for 1.00. I called ITunes regarding the transaction (had to call the corporate number to get somewhere) and the iTunes Fraud Department could not find the transaction! Kicker is I don’t even have an iTunes account. Since the charges are still pending, the bank refuses to do anything. iTunes doesn’t want to call the bank or void the charges. I will just have to wait for the charges to be completed and file a dispute.
Add me to the list….2 – $50 gift cards unauthorized on May 26th. The thief changed my logon ID, so I wasn’t notified of the purchase. No other account changes or activity.
iTunes admitted that the gift cards were purchased and disabled. Here’s what iTunes had to say after 15 emails going back and forth where I requested a return of my money: The Gift Certificates weren’t canceled, they were disabled. This doesn’t allow the recipient to redeem them to their account. The purchase did go through but the recipient of the Gift Certificates won’t be able to use them. I cannot refund the purchases because this is considered a fraud case now.
Since I cannot help with this issue any further, Apple now considers this case closed. Any further correspondences received about this issue will not be answered. If I can help you with anything else regarding your account please let me know.
Here’s what Paypal says: We have completed our investigation of your claim and have determined that
this is not an instance of unauthorized account activity. At this time, your claim has been denied.
I had two gift cards redeemed on my account this past Saturday. Someone changed my password so I can’t access my account.When I try to change my password I get a “Sorry..technical error has occurred”..I have tried to talk to apple but without a password I can get NOTHING!!
i had two $50 gift card purchases made on my account. Luckily the hacker didn’t change the password or account info so i was able to log in. I changed my password and security question and removed the CC on file to be safe.
I also checked the purchase history and got the redemption codes from the cards and immediately applied them to my account and it worked! I’m in the hole for $100 on itunes, but at least it’s on my account and if someone is trying to sell the codes they will be useless. It looks like the hassles with itunes and banks can take weeks, and I’d spend a $100 in a few months on iTunes anyway.
it sux, but at least i sort of got my money back. :-(
Add me to the list too – I couldn’t get into my iTunes account and I assumed I’d just forgotten my password. The thing to reset it didn’t work, so I contacted Apple who reset my account for me. I noticed that they were quoting my AppleID as something slightly different, then it dawned on me what had happened. Sure enough, someone had got into my account, changed all my details and had set up a monthly gift of a £10 voucher. (A small enough amount that a lot of people probably wouldn’t spot if they purchase music regularly).
I got the same copy-and-pasted email about fraud that everyone else gets, so I emailed them asking how it happened and why they’re not doing anything to stop it happening again. Even my secret security question and answer had been altered by the hacker! And why didn’t I get an email notification letting me know my username and password had been changed? Other sites I use always do this, so you can spot any funny business. Obviously the same thing’s happening to loads of people, and rather than confront the issue they’re just passing the buck to the credit card companies to sort out. Poor service from Apple!
I have been trying to get to the bottom of my debit card being “drained” since mid May. My account has been debited 4648.00 between Mid Jan. and May 8th when I discovered something MAJOR going on with Itunes charges.
ITunes has not attempted to assist me with this problem; I am irrate that a company would not have anyone in customer service even respond/ return emails/calls.
I am somewhat relieved that others are stepping up to discuss this issue.
I will keep updaing my findings in hope of assisting others with this issue.
I feel that we can get to the bottom of this much easier by communicating …in a careful way.. if such is possible.
My bank account was hit for $50 for the purchase of a gift card this week. I’m also unable to login to my account. This is unbelievable.
I just read the reply from iTunes regarding the case I posted above. Yet another copy and paste reply washing their hands of it and saying that security is my responsibility and not theirs. None of my specific comments were directly addressed. I’m not that bothered about losing the £20 now – I’m more angry at Apple and their wall of jargon that absolves them of all responsibility. I won’t be putting my payment details through them again. I wish there was more I could do, but it feels like there’s a wall that you can’t get past. I want a human being to actually look at my case and the countless others that are all in the same situation, admit that there’s a serious problem and do something about it.
Apple used to seem like the plucky outsider, an alternative to the big corporate giant that ran the computing world. Not any more. I think more and more people are starting to lose faith in Apple as they grow bigger and bigger and care less and less about their customers.
the best protection at this point is to remove your credit card from the site and simply load it with prepaid iTunes cards purchased at the store.
I had the same deal……….a couple of gift cards @ $50 ea. Apple never contacted me I figured it out for myself by calling and asking about it. They still never acknowledged that it happened. I finally got a littly pissy with them and then they said that they could not help me any further and suggested that I talk to my legal representative. The main problem is that whoever hacked me changed my account name. Now I have to use their account name as my account name/email is already being used but the password was changed to whatever the hacker used. No thanks. They can’t fix that for me for security reasons. What a joke. I threw my iPhone in the sewer and will stick with Microsoft. I hope to see Apple in the sewer soon as well.
I think my Itunes got hacked too, because on my computer, it says I have XYZ and on my sis’s it says mine is $20 less.
PayPal gave me the same BS a lot of you got and denied my claim. I took it up with my bank (Wachovia) and they took care of it. I sent all the information I had (e-mails, invoices, even a story about the trouble with iTunes hackers) and within a few days, the money was returned to my account.
Take this problem up with your bank and provide proof! WHen you get that money back, spend it in the Amazon MP3 store or something. ;)
Same here. I was recently unable to log into my itunes account. I contacted apple and found that my e-mail address had been changed and 2 $50 gift cards were purchased (apple told me that there is a $100 purchase limit each month).
They told me that nothing could be done to cancel the gift cards and that I must contact my credit card company and file a dispute. THIS IS CLEARLY APPLE’S FAULT!
Has anyone heard any news media reports yet? Apple has not e-mailed me back to give me any more information about what is happening. They remain silent.
**** Whoever hacked into my account now has all kinds of personal information: My password, e-mail, home address, security question and answer… This is all because of Apple.
— And if your account was hacked, they have that information too!! —
What can we do?
I am going through the same BS with Apple on this. On July 10th I saw my paypal account and 2 transactions were made by iTunes. One was for $1.04 at 5am and another was for $42 at 7am. For one, I was sleeping during those transactions. Two, paypal denied my resolution dispute regarding these 2 unauthorized transactions. Three, my whole account with itunes has been changed, so I cant even log into my itunes account. Now I have been in contact with someone from Apple who, after giving them all the information, claimed she “re enabled” my account. It still has not been re-enabled. I already contacted my banker about this and they are investigating Apple regarding this matter. It is really sad to see how many people this has happened to here. Seems like Apple needs to do some hard fixing up of their security of itunes accounts. I have since canceled my paypal account with itunes.
Yesterday, someone charged over $300 through my iTunes account. Luckily I noticed it earlier this morning and contacted my credit card company. They canceled the card and were sending me paperwork to complete. I contacted Apple about the disputed charges, and they were not of any help.
The thing is, you can’t even log into your iTunes account and see your charge card info.
So I don’t think canceling your charge cards will help. If they actually had our charge cards they’d buy other things too. But since they are just buying iTunes, I think somehow they are just breaking into our iTunes accounts :(
Yes, I’m sure you are right and I probably overreacted.
Unfortunately, I cannot make any purchases through iTunes until all disputesd charges are removed, as the outstanding balance did not settle when I canceled the card. That could take months; however, given iTunes nonchalant response I’m not sure if I want to purchase from them ever again.
Oh wow! This is ridiculous. I found out today that my Itunes account has also been compromised. There were 4 different purchases, all in a 30 mins span, coming out to a total of $160. This just shocked me. Here I am with a buying habit of 1- 2 items every 2 months now faced with this shocking event. I contacted Itunes and they gave me some generic response that it is not possible as Itunes is very secured… hello, maybe not as secure as you think it is. So now I cancelled my credit card, changed my password and trying to follow up with Itunes. I am a fan of apple, but if this doesn’t end well it is going to leave a very unpleasant taste in my mouth. Has anyone else gotten anywhere with Itunes?
wow! I thought I was the only one with over $670 worth of charges on my card with all transactions between 1-2am (13 in total)I am diffinatly going to dispute the charges with Visa but trying to access a copy of purchace history which seems to be impossible through Apple for proof. Any suggestions?
This happened to me too – they made transactions of £140 in total, with a further £20 pending (due to insufficient funds).
I contacted my bank who’ve set up disputes, and I sent off 1 ‘report a problem’ with all of the invoice numbers relating to the issue, like you did.
I can’t believe that someone has done this!
James
Well, this won’t end. I don’t know what to do anymore. I had 7 fraudulent charges, and when I canceled my card only 6 posted. This left one charge outstanding, so I am unable to use my iTunes account until it is billed. The problem is, Apple won’t reverse the charge. Their solution? None. What they are hinting for me to do is enter a new card number and let the last fraudulent charge post to it, then call my credit card company and report it as fraudulent, starting the entire process over that I had already finished with on the 6 previous charges.
What is the solution here? Any tips? I suppose creating a new account would be easiest.
Something similar happened to me, too. It happened a few weeks ago but I didn’t notice it until last week. Someone had purchased $23 and then $49 in applications. I don’t even have an iPhone or and iPod that would support applications. iTunes basically said they couldn’t do anything and I had to contact my credit card company. I went to change my password and saw that my security question and answer were changed. I could’ve still guessed the answer based on what they changed the question to but the answer was zxczxczxc. So, I changed my password and took my CC off of iTunes. I chatted with someone on iTunes who was just awful. We kept going round and round. All I wanted to know was if there was anyway to block the purchase of applications on my account. After about 10 minutes, I found out that that’s not possible. I can see the purchases in my history but they aren’t on my iTunes anywhere. Very weird. But I too, am frustrated with the lack of help from iTunes!
Something odd happened to me, but not as dire: I was mailed TWO $15 iTunes gift cards. Checked my e-mail and it says “Thank you for your purchase, George Montgomery!” – My name is surely not George Montgomery. However, this Mr. Montgomery was the one who paid for it…I did not. It’s his billing address and my mailing address in my apple account information. Weird. Only similarity I can see is we have the same apartment number (different state/city though). Very suspicious…something is going on with iTunes/Apple.
That was kind of how I felt about the whole thing. That someone made a purchase and it incorrectly sent the items and bill to the wrong account. It doesn’t make sense (read my original post above), the video is protected they wouldn’t have been able to play it (once I de-authorized the machines). And they certainly wouldn’t have gotten the rest of the season pass….
My account was apparently hacked into also yesterday. I have had eleven receipts e-mailed to me over the course of the day today totaling approximately $400. I got the same run around. They can’t reimburse me. I have to go through my bank and file a fraud affidavit tomorrow. It’s pretty disappointing. They removed the card number from my account and I cancelled the card. I will never do business with them again and will be sure to spread the word.
Update … There ended up being twelve transactions totaling $538 plus dollars and one that didn’t go through because I cancelled my card. Apple has a generic party line response it seems for everyone. It was also implied that the security of my bank might be compromised and was told by one customer service rep. specifically that the site was only as secure as my password was good. And that if I cancelled my account with them I would likely lose the rights to play the music I had previously purchased and downloaded onto my IPod. Huh?? Guess we have to watch out for the IPod police now.
I filed a fraud affidavit with my bank, but the charges won’t be reversed until the fraud investigation is finished. Ridiculous.
P.S. I AM from the Boston area and would love it if this got some press. I am reluctant to put my phone number in this e-mail just in case it doesn’t get edited out, but you can give the TV station my e-mail.
I just had my account hacked as well this week. I had over $600 in charges in various amounts…mostly books and movies. When i was changing my passwords/questions/etc., a weird thing came up saying it was going to send an email to my account that ends in “mcla.edu” – i don’t have this email address. i am NEVER using ITUNES again and i am going to tell all of my friends my story. This is so disheartening as Itunes/Apple has to know of some kind of security breach for it to affect so many of us. This is RIDICULOUS!
I too have just have errant itunes purchases… i feel lucky as most of them are for free apps.. one was £12 (UK)… i’ve reported it. Reading some of these reports I feel like i’m the lucky one!
Not quite a similar problem?? logged onto iTunes 9/19 and was asked to update to version 9. It was taking a long time to finish the download. I minimized Apple and saw that iTunes was loading tv shows 3 or 7 and 2 already downloaded. The new version then gave an error message yet the downloaded completed. Now, I have or 5 shows that are waiting to be downloaded and each time I go to the site, they say they are waiting for download since i stopped it. I have gone around on their website for help/contact us/email and see no way to contact these people except for if you want to buy something or recently bought something. My wait time is 20 minutes when I call. I tried the feedback method hoping they’d read it and give it to a problem solver. I have not been billed yet since the rest of the downloads are pending. Anyone know how to contact a real person or email to stop these downloads and avoid the charges. My pattern is music, music videos and free previews of movies. Pending is Season 2 of Heroes? and I don’t know what else. I have something else downloaded for 23 minutes and no clue as to what it is. How do you get a hold of someone when they could care less when you have any older style iPOD?
Hi, ANOTHER ONE TO THE LIST!!
I checked my credit card statement and have had 29 transactions totaling $1158. 00 (mind you there is another $300.00 of pending amounts) all on the same day and all of amounts that are more than albums cost ($17.99 or similar) like $33.98, $59.35 etc etc. Tried to chat with someone on Itunes chat and they said they couldnt do anthing – they just copied and pasted the standard response saying to contact the banks fraud department who will in turn contact Apples Fraud Department. Oh yeah tried to log into my account and what do you know the password is incorrect – and I cant even change it on the web – my account does not exist!!! APPLE are USELESS – I have always been a fan but now….. So cancelled my CC and the bank is looking into it – also asked apple to suspend my itunes account which they said they have….but im not sure. Also sent an email to Apple’s complaints – I still dont know why they do not provide a service to discuss your account over the phone – this seems like a global problem.
Add me to the list. Multiple purchases, some for “free” apps that actually had oddly priced charges on them. Movies, TV shows, music, and apps. No gift cards (yet). Luckily I caught it the same day. I had my account paid via Pay p^l and I got not only the standard form letter from Apple / iTunes but a flat out denial of any assistance from Pay p^l when I filed a dispute over there. Color me disgusted with them both. I’m definitely taking this up with my bank. Also? I had a secure password set up so I’m still not sure how this hacking is going on but I sure wish it would stop.
I bought songs on iTunes on 2 occasions and when I received the e-mail receipt from Apple, I noticed 2 charges for $9.99 each — both for software — and neither that I made. I called Apple support and was told these 2 items were charged to my Am Exp acct via iTunes and each was sent to a MAC for an iPhone (neither of which I have).
I called Am Exp and told them the situation and was given credit for the $20 fraudulent charges. The Am Exp rep told me this had to be an Apple billing error — only my 4 computers are “authorized” to play any purchases and my credit card info is not made available to anyone without my password (which I immediately changed).
None of this made any sense, unless you accept that Apple is the culprit (albeit unsuspecting). Some glitch in their system allows this to happens, and only credit card companies can exert pressure enough to make them change.
Same thing for my GF… she had 60 dollars worth of charges that she did not make. Pay Pal says they “investigated” and found it was not fraud.. the reason? Because she linked pay pal to iTunes. Therefore she agreed. Circular logic. Apple says it would be “illegal” for them to refund her money because it’s a fraud case. Riiiiiiiight. Makes sense. Apple also says that if they refund the money they can’t prosecute. As if they’re actually trying to find the person. She asked how her account was hacked and for tips to prevent it and they said “it’s her responsibility” to keep her password safe. As if she wrote it on a cocktail napkin and left it at the bus station or something.
We are from the boston area… want to help report on this travesty.
I just received multiple receipts for purchases through itunes. All of mine were for music, movies, or something, not gift cards. However, it is total of around $60.00 so far so I guess I’m lucky compared to some of you. Itunes/apple is now closed and cannot help me. So I went online and tried to remove my cc from my account at first it will show that it was removed and that no cc is on file but when I log out and back in, my cc info is back in my account. I changed my password and called my bank and cancelled my credit card. I have to call back Monday morning to talk to a dispute specialist with my bank. I hope my bank is good about this. As far as I can tell Pay pal and Apple suck. I hope this gets enough national news coverage that Apple will be forced to step up to the plate and take some responsibility. I guess Apple lost our business after this. Here I come Mr. Gates!!!!!
Same story over here in CA. Someone bought a $50 gift card on my account. Apple says, “It’s your responsibility to keep your account & password safe.” Thanks Apple. I do. Being an IT pro, I checked ALL avenues to see if someone could have keylogged me or otherwise nabbed my pw from my computers. My whole network is clean as a whistle.
The really frustrating thing is that I check my bank account nearly every morning so I saw this transaction before it even cleared. Apple STILL would not take any action. They said it’s “up to you and your CC company.”
If Apple is going to keep cards on file my spider-sense tells me there is some law (or something in their merchant agreement) that says THEY have to protect us. It doesn’t sit right with me that this is “my fault” and that Apple won’t do a thing to help.
Apple, there is a class-action awaiting your class-act.
I had noticed my credit card had been maxed out and called to find out what was going on as I should have had plenty of money in there. I was informed I made a bunch of iTunes purchases, the first one for $1.01 and then several more for large sums of money. I most definitely did not make these purchases. For one, I bought a new computer a few weeks ago. My old computer has been disconnected from the internet since then, and I haven’t purchased anything or even synced my iPod yet on my new computer.
I tried to log in to my iTunes account while on the phone with my bank but could not because it said my password was invalid. Recovering my password also does not work, and my information must have been changed as well because Apple’s website doesn’t recognize that I have an account. My bank said they can’t dispute the charges because they haven’t been posted yet.
I tried phoning apple and was told to go to their website as they don’t support iTunes over the phone. I can’t even chat online with someone because I live in Canada, and they haven’t responded at all to my e-mail.
I live in Canada, but have a Boston number (which is what iTunes would have had) so I’m not sure if that’s part of the reason why my account was stolen or not. Has anyone gotten there accounts restored? Can’t apple tell when a persons account information has last been changed, and restore it to the original user?
I am so glad I found this page and discovered I am not the only one! I got a call a few days ago from my credit card company concerned that my card had been used fraudulently. 12 x iTunes transactions totalling £260 had been made all on one day. I cannot understand how this happened. I haven’t bought anything on iTunes for a while and I only ever enter my password via iTunes on my computer (I have never clicked on any dodgy links in emails etc). No one has access to my computer. My computer (a Mac) is secure etc. What is maddening is that my iTunes password is not recognised (I guess the thief changed it), but the reset password thingy just doesn’t seem to work. Getting in touch with Apple seems to be really hard (I’m in the UK) so I am not sure who to turn to next – arg!
Add me to the pile of ripped off, pissed off individuals. I tried to log into my iTunes account only to find that I couldn’t. It didn’t recognize me. I tried to recover the password, but got an “unrecognized error”. After several trips through various forms and emails, I finally got someone who reset my password. So I logged in using the (unrecognized to me) email address now associated with my account only to find that my username, password, email address, security question, etc. had been changed. Then I saw that someone had charged nearly $600 in apps for the iPhone and iPhone touch.
A number of things should have set off the security alarms at Apple. How about the fact that the email address that was used goes to an email account on a Chinese domain (despite the fact that both the account and credit card were for an American)? How about the fact that there wasn’t a device that could use the device registered with the account?
I finally got Apple to admit that there was a problem, but they said that I HAD to go through the credit card company to get it fixed. When I called my company, the rep said it was the fourth call today that she had fielded that was almost the same. I’ve had to cancel my card, change all of my passwords, etc.
Apple should be a little more on the ball with their security. But, as I told the credit card company rep, Apple has zero incentive to do so until banks start leaning on them to clean up their acts or else.
Grace – my credit card company said a similar thing. They said warning bells start ringing when they see iTunes popping up several times on someone’s account so it’s obviously happening a lot.
+1
http://dsoguy.blogspot.com/2009/10/what-to-do-if-your-ihacked.html
I too have been hacked with 6 different payments totally £120 and itunes won’t let me reset my password have emailed them but still waiting….Payment was made on a debit card not credit so I probably won’t get the money back the annoying thing is the bank phoned 2 years ago with something similiar someone trying to use itunes testing my card by buying single tracks and they stopped them for trying to spend £1.50 but didn’t manage it this time!!!
Me too – I had a letter from the bank telling me I was overdrawn. Checked my statement on-line and saw 9 iTunes purchases around the £20 mark all on the same date – total £212. I cannot get into my iTunes store account – it says my ID does not exist etc. Great, huh?! It seems impossible to actually terminate your iTunes account, because you need your ID to get in to do anything, of course!
I had a very small amount put through my account on 18 October but only came aware of it when I tried to log onto itunes and found my password wouldn’t work. When I got in reset by Apple the account name was something obscure. I have had to cancel my CC and change my password on itunes etc. I have also set my payment method to None so that I don’t have anything stored on itunes. Have warned everyone I know about this.
Why doesn’t Apple have a separate place to hold your email address rather than just your account name. I didn’t get notification that a transaction had gone through my account. Just pure luck that I tried to log in and found the problem. Apple very unhelpful and sent me the standard response- get onto your bank as we don’t refund! Pathetic.
I caught mine before anything was charged as well. I cancelled my cc as a precaution because being in IT, I do know they have programs that can decrypt information behind the stars. I discoverred my hacking occurred when I tried to update an app and it told me my password was wrong. Contacted apple and at first they told me nothing was wrong finally got ahold of the billing department and the original account had been changed to a fraudlent rocketmail account. It’s straightened out now before anyone could put fake charges on me, however, apple needs to seriously investigate how these hackers are getting a hold of and into these accounts.
F-ing Apple! Stupid iTunes killed my last desktop PC a couple years ago, and now that bastard website is out to get me again! I had my email open an hour ago and saw a new Receipt from iTunes. Apparently, I purchased an app last night for $4.99. Which app? I have no idea- the name is in KOREAN! And I had no clue what it was! I immediately reported the problem, then changed my password. I found this thread, and then immediately deleted my CC info. The only positive in all this? I had recently redeemed a birthday gift card from someone (and it has to be legit, this is a very honest family friend), so the purchase only drew from my store credit. Apple better give that credit back to me though, or there will be hell to pay!
mine got hacked as well — could not log in when I called I was told that my account had never existed
on providing all the information I am told the address is marcelo blanche @elvisfan.com
my security questions were changed as well
had not realized that itunes is so prone to hacking
Just had $279.80 charged to my bank account from itunes today. Two $50 gift certificates were purchased for Maritz Millan… Itunes won’t do a darn thing about it either. Seven charges from $4.58 to $59.06. I spoke with three different people at itunes and they just wanted me to go through the internet and do an online chat. Online is what got me into trouble in the first place! I don’t trust handling this fraus issue online! I wanted to speak with someone, but that didn’t do ANY good. Paul, a so-called supervisor just kept saying to call my credit card co. Well, I already did that and cancelled my card, changed my password on itunes and removed my credit card info from itunes. But itunes did not even want to know the disputed charges!!! I even said gift certs were purchased, don’t you want to know the reference #’s so that you can stop them from being used? They didn’t want the info! I cannot believe it! Looks like this is happening a lot too, seeing these posts on Google. I contacted my local Police Dept. unfortunately they do not handle internet crimes, but he gave me a website to submit the crime: ic3.gov
I am not just going to let this go… I will be contacting 3 on Your side and whomever else. Even if I get the money back from itunes or my bank, there is still a criminal or criminals out there that need to be punished. God will punish them further, but I will see to it that they stop this now.
Go to ic3.gov to file a complaint! If enough people are heard then Apple is more likely to do something about these issues!
Complaint Referral Form
Internet Crime Complaint Center
——————————————————————————–
Thank you for filing a complaint with the Internet Crime Complaint Center (IC3).
Your complaint has been submitted. Once processed by the IC3, you will be sent an email containing your complaint id and password to be used for future contacts with the IC3. This process can take several hours.
The IC3’s mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 aims to give the victims of cyber crime a convenient and easy-to-use reporting mechanism. If you have comments or problems related to the IC3 website, please contact us.
Complaint Status
The IC3 receives thousands of complaints each month and does not have the resources to respond to inquiries regarding the status of complaints. It is the IC3’s intention to review all complaints and refer them to law enforcement and regulatory agencies having jurisdiction. Ultimately, investigation and prosecution are at the discretion of the receiving agencies.
Evidence
It is important that you maintain any evidence you may have relating to your complaint. Evidence may include canceled checks, credit card receipts, phone bills, mailing envelopes, mail receipts, a printed copy of a website, copies of emails, or similar items. Please keep the items in a safe location, in case you are requested to provide them for investigative purposes.
Same happened to me, just got an email receipt for a purchase I didn’t make. $4.99 for a app that was in Japanese!!! So I immediately changed my password and cancelled the account. And it sounds like Apple won’t be much help so as soon as it posts to my CC I will dispute the charges.
Add me to the list … First I noticed that I could not login to iTunes … said apple ID does not exist. Sent an email to iTunes support asked them to check. They said my ID did not exist. I sent them list of last few order ids I had from order confirmation emails in my email account. Got a reply back … oh your id is annette_colette@instruction.com. I replied back … aaah … it’s not, I don’t know who the heck that is.
Long story short, after several emails back and forth, I am either asked to reset my password on the iforgot page (which I can’t because this person has changed my password and all identification info in my account) or asked me to cancel my credit card (couple of days ago a charge appeared for $25 on my credit card from iTunes)
iTunes support is f**ing frustrating. They keep sending form emails and really not helpful. I am considering reporting this to ABC’s Michael Finney and refer this website as evidence of widespread issues.
Another one here. Woke up this morning to find an email from paypal confirming my recent purchase of $60 worth of garbage music from itunes.
Contacted both itunes and paypal and they gave me the exact responses as everyone else got. Itunes said, sorry. can’t do anything about it, contact your credit card company. Paypal said there isn’t enough evidence to prove that it’s fraud.
What the heck is going on here? I am horrified that Apple is just sitting back and letting this go on, then hiding behind their legal jargon while they fill their pockets with stolen money!
Hi There,
Same thing happened to me last Saturday, and the same email from itunes, saying the can´t do anything.
I am going to write a letter to the BBC watchdog!!! I can´t believe this people!! we need to do something,they need to reinforce their security! and why they allow people downloading itunes from a different country where my account it´s set up? I filed the complains on the 28th, and the downloads were dated on the 29th! It´s clearly a hacker!!
Has anyone got their money back?
Still happening, very similar to all the stories I’be heard above. My communication with Apple regarding the matter got very confusing because whoever was emailing me was mixing the form emails with some ‘custom’ text. I asked for clarification a few times, gave up and finally said I really needed to *speak* to someone and just got the standard tagline of “You need to contact your financial institution” thrown at me a few times until I shut up.
Same thing happened to me over the weekend for $180. My bank was great but Apple is not. First I got the stock e-mail. Then, after asking for a human, I got a response from someone named Timmy. I don’t think Timmy exists. Then, incredibly, Timmy implied that this was my fault and that I should check my security. Someone has to put a stop to this. I don’t plan on using iTunes ever again.
Great. i just received a phone call from my CC company regarding fradulent use at the ITunes store. To the tune of $900 (it started with a small $2 purchase, once that went through the user went wild).
Here’s the problem. I can’t set up a new user account without entering my CC info, and I can’t update my IPhone apps without an account. Any ideas?
I have $400.00 in fraudulent charges pending right now. The apple support person I talked to on the phone summed it up this way- “your credit card company has insurance to pay for things like this”. Apple is sitting back and stealing our money – they are just as guilty as the criminals doing this. I am done with them.
I’ve just had the same happen to me and I’ve contacted Apple still awaiting a response on the issue, I also disputed charges with my cc company. But I also decided to to put a dummy cc on my account with a $1.00 in the account and it was used as well!! I’ve changed my email account along with password and removed all card numbers, when I try to update any apps it says my account is disabled and that is what prompted me to check my cc account. This is disappointing as I will now have to get rid my iPhone
Something is basically wrong with Itunes lately. They are ignoring their customers and allowing the constant hacking of accounts. I never used a credit card and only redeem $10 or $15 card when I need a download. Recently I had less than a dollar left in my account, but a purchase of $23 was recorded on my account. WTF! I was better off with P2P downloads. They may not be all that legal, but you don’t get jacked like you do with Itunes (also wider selection of tunes when you can find them).
Same thing happened to me over the weekend. I went to update an app on my iphone and was getting the message that my password was entered incorrectly. Which it was not. then I go to my PC and try to receive my password and it tells me that my account username does not exist. after three generic replys from the USELESS! itunes help emails, I found that someone had hacked my account, changed my user id to an account at oum.com and was charging downloads to my credit card on file. I am fuming at Apple. they insinuated that this was my fault. granted I only have two ~$40 charges on my account, but this is ridiculous.
My credit card company called me yesterday and asked about some purchases, $219 at Walgreens in Chicago. It was a fraudulent charge. But the kicker is the credit card company asked if I made a purchase from iTunes lately, and I had a few days prior. So seems like card numbers are getting stolen from iTunes, not just fraudulent iTunes purchases.
Yup – same for me – Apple needs to do something to better protect their site – someone hacked my password 4 times in a matter of 2 days…Apple says “too bad, work it out with your cc company…” very poor service from them…I cancelled my account.
Same story here in Wisconsin. Only thing that sounds different is that I never received a confirming email from iTunes regarding the purchases. Had I received one, I would have put a stop to it immediately, but instead had to wait to receive my credit card bill. Almost $500 in purchases made through iTunes. I’ve asked them to at least send me a receipt so I know what they are charging me for, but haven’t heard back on that yet. Apple could most certainly be doing more to rectify this, and prevent it in the first place.
In the long run, I think this will cost them customers.
Same here. Charges showed up on my credit card that I did not make, or authorize. My children had my credit card info in their iTunes account, so they could download songs. Several iTunes purchases were made, as well as Apple MOBILEME charges… and then a $250 charge to “bodybuilding.com”. We cancelled the card, and got a new one. But now I have to sign an affidavit and go thru the hassle of disupting the charges. My son’s iTunes account no longer works, so I am doubly suspicious that our credit card was hacked thru my son’s iTunes account.
Word to the wise (from someone who is now wiser). Instead of putting credit card info on iTunes accounts, just buy iTunes gift cards. That limits the damage, and keeps your credit card info from being vulnerable. There are numerous websites that explain how to hack an iTunes account (just google and you’ll see). So this appears to be a well-known, and somewhat common practice, given the number of google hits, and the number of folks responding to this thread.
My account was also hacked and itunes refuses to do anything about it. No less than seven e-mails with several different customer service reps. I begged them to call me or give me a phone number to call and they will not. Now they tell me I have to get a lawyer and police report and contact their legal department. I had to cancel my credit card and have my CC company charge back itunes. A big hassle as that card was tied to other accounts I then had to change. There are now unauthorized orders on my account, (just orders that have never been downloaded), that have not been paid as I canceled the credit card. They have locked my account and will not open it until I pay for these unauthorized orders. They will not even cancel the orders. Without a doubt the worst customer service I have ever dealt with. There is an obvious security problem with itunes as evidenced by this blog and a quick google search revels many others with this same type of problem. I just wish there was something the CC companies could do, because little guys like us stand no chance.
Yet another one here. Same story – $50 gift certificate for an unrecognizable name. The charge still shows as pending by the credit card company, and I can’t dispute it until it has cleared. Having read the previous posts, I don’t expect to get any assistance from iTunes. Finding this list of complaints will be useful ammunition when dealing with the credit card company.
Just an update. I received the typical pro-forma denial of responsibility from APL/iTunes. So I did the usual, changed my password and security question, and delected the credit card information.
I’m still not convinced that my credit card is compromised, just the iTunes account, so I am reluctant to cancel it immediately. However, I did activate the email alert option on my credit card. IF YOU HAVE ITHIS OPTION, USE IT. Basically, any time a charge is made on-line, by mail or by phone an email alert will go to my work and home email accounts. Since the latter also forwards to my Blackberry, I should know within a very short period of time about any fraudulent activity.
It is clear from the posts here, and numerous others that I’ve read on other sites, that this is a serious security issue that Apple/iTunes has refused to acknowledge. This problem will only get worse unless they are forced to deal with it. Putting the responsibility on the consumer and the credit card companies is simply unacceptable.
Perhaps the hard glare of adverse publicity would help. As well-read and well-informed as I am usually, I’m amazed that I hadn’t heard of this problem until it happened to me. So anyone know any national journalists who might be interested in the story?
I had $260 on my credit card from 1/9/10. Found it today. Stopped credit card, notified local police and FTC. Apple said I no longer had an account which is true because I couldn’t sign in when I tried and I never got a receipt for the downloads. Hopefully I won’t be charged and I will not use itunes or recommend it again. I will be very careful of giving out my credit card number online.
I just discovered Napster. Will never, ever use iTunes again.
I also got hacked over the last week. So far $60 in charges. Itunes customer support was no help. Changed my password, deleted my credit card information, and am talking with my credit card company to get the charges canceled. It sucks that Itunes is still doing nothing about this problem. Not even an e-mail to customers to be aware for fraud.
$1000 of charges spread over 20 orders was applied to my iTune account first three days of January. Itune customer service was no help! Cancelled my credit card. My credit card is now investigating. I wonder if Steve Jobs knows that Itunes sucks?
700 euro worth of Music stolen from my I tunes account. Had to cancel my credit card. Abysmal service from Apple. How can they say they have a customer care service. Apple….unbelievable. They dont care.
On my account €200,- was spend without ne knowing!
– TomTom app (wich I can’t even use, since I got an iPod Touch)
– and alot of crappy (sorry) Michael Jackson music
Within 2 days I got no money Left, except some cash not stored on my bank account WTF!
Me as well.
500 quids worth of charges done on one day. Apple have been pretty pants. Giving generic replies about identify theft which it so obviously isn’t.
There has been no indication from them that they are changing their system to stop it happening again so im moving to just using small amount gift cards so if it happens again they can only nick a few quid. (If apple can get me back into my account of course)
Oh no!! I received my visa bill yesterday. I have $2,800 in charges from itunes that I never purchased (68 transactions altogether). I had no emails to notify me of any of these! This is a huge shock.
I can’t afford to pay this bill! I’m super worried now after having read all these posts. :{ Count yourselves luckier that you haven’t been robbed for as much as I have!
I have sent apple an email but don’t hold out much hope now that it will get resolved. :{
Add me to the list. I got my credit card statement and noticed a whole string of charges for around $45 dollars, all on the same day. Fortunately they all occurred the day my billing cycle ended, so I discovered what was going on before too much damage was done. When I chatted with the faceless person at Apple, I got the same shtick as everyone else–that it was identity theft and I had to contact my credit card company bla bla bla. It is so obviously a case of my iTunes account being hacked and not a stolen credit card issue. I got so p*ssed-off that I told her just to kill the account completely. Overkill, I know, but I just don’t have time for that sh*t. Then I had to go through the whole pain of canceling my credit card, filing a fraud report, getting a new cards issued, contacting everyone that gets direct payments (cell phone, health club, etc.) It really chaps my butt that any jack*ss that gets his hands on my name, address and birthday can go in and hack my account that easily. Nice one Apple.
I was hit for $590 worth of charges today, and I basically received the same form letter that Gary received. Upon noticing this after I got home from work, I obviously removed my info from my itunes account, as well as the card #. Apple sees that I did not make any recent purchases, but insists that there’s nothing they can do, and my bank will not reverse the charges unless Apple sends some sort of notification. Apple customer service is the worst. No phone number, and you can only speak to a representative via “live chat.
I now have to wait until 7am to call my bank’s fraud dept., and I am also taking this up with the BBB, since I’ve received several different form emails from Apple, and I’ll get my money back one way or another. Screw Apple, I’d suggest to all of you not ever buying from them again.
Same thing is happening to me now. Thankfully the charges in total only amount to about $20 but it’s very frustrating to know that someone else is using my account.
My bank did refund charges. I changed my password and I still see unauthorized charges. It’s very disappointing the way Apple is handling this. But, I guess they can because people will still continue to use iTunes. Something must be done about it.
It also happened to me 2 days ago. I stopped the card, and changed iTunes password. but this hacker manages to change password again and again. I seriously think that there is something wrong with iTunes software. Stay away from signing-in using iTunes software.
This is obviously a big problem that Apple are ignoring. Same thing happened to me last week. Tried to login to iTunes account but “password or userID incorrect”. Tried to retrieve password then found userID no longer existed. Contacted CC company and found a trail of unauthorised purchases going back 2 weeks amounting to over £500. Deleted CC (and got refund) and contacted Apple. To say there were unhelpful would be an understatement- just got a stream of standard drivel about contacting regulatory authorities in my territory. They wouldn’t even let me have a list of purchases made on the ID stating “confidentiality”. A new slant on the problem though – I have lots of iPhone Apps registered to the old now non existent iTunes account – they cannot be transferred to a new account because you need the old details to deauthorise the purchase. Now have a pile of Apps that cannot be updated. Stony silence form Apple on this one so far….
I had sever hundred in charges appear on my credit card this week. Nothing new shows in my purchase history.
Apple investigated, said there were two accounts linked to my billing information…Same response as yours, report card as stolen, idententy theft and all…
If my Credit card was stolen the Why are the ONLY fraudulent charges from iTunes??????
btw, this all started on the very day I downloaded a free app using an unsecure PUBLIC wifi in the Hartfor, CT airport on 2/12/10. #1 why do I have to enter my password to download a free app and #2 Please don’t tell me that apple is sending that password in clear text…
This happen to me also, apps were purchase in 4 different orders totally $138.00
As everyone else did I contacted apple, without success. They told me to contact CC company, as they told all other posts. Also I noticed something on my itunes account. It says 4 machines connect to this account.( I don’t have 4) If they know how many machines are associated with the account, they should know who the thief who hacked my account.
I emailed support to request what machines are connected. Still Waiting for response.
Add me to the list too. More fraud… more sweet nothings from Apple and more headaches!!
ARRRRRRGHH
Add me to this stupid list as well!
However I never got any itunes receipts emailed to me so i had no idea this was going on until i checked my bank statment today.
>:(
I couple of days or weeks before that I also had trouble signing in.
Stupid iTunes! I want me money back!!!!
Yet one more. Same experience here.
I suddenly couldn’t log in – account info not recognized. Checked credit card statement, and voila!… over $238.00 in pending unauthorized iTunes charges. This is insane.
Apple is proving themselves to be the shoddiest company on the face of the Earth. I would get better customer service from the crack house on the corner than from this joke of a company!
I think it’s time for a large group of aggrieved customers to show up on their doorstep in Cupertino with media cameras in tow. Demand to meet with Steve Jobs, and refuse to leave until it happens. Whatever the result, it would bring massive attention to their intransigence. Something clearly must be done about this, one way or another
Just one more comment:
As with intransigent politicians, the best way to get an unresponsive company to take notice is to publicly embarrass them. Apple is all about image. Damage that and they have nothing.
They also have a lot riding on the new iPad. The obvious question for a wise reporter to ask is if so many iPod and iPhone customers are having such fraud problems with iTunes, then why shouldn’t prospective iPad customers expect the same? Any answers Apple? Hellooooo….?
Same thing happened to me. 2 transactions to my account on a day I was at Disney World ALL DAY and didnt have my computer. Apple says “sorry no refunds”. They wont even TRY to figure out what happened and I even have an email from them specifically telling me that my account was under a different email address and not mine. HELLO! That means it was hacked into. My husband says its a scam by Apple and I have to say I agree
I got popped 2, account compromised, rarely use it, itunes email only support refuse to reverse fraudulent purchases $200 worth in 1 week range from 4 to 40 $, finally got back into acct and removed CC after 3 days and several emails and calls, no thanks to bogus itunes support but thanks to 800myapple ipod support but took 3 calls to break them even, and they deny deny deny but at least got me back my acct, where itunes says hackers ‘changed my acct name’ (how is that even possible, worst security hole I ever heard of in my life) so effectivly locking me out n would not help me get it back while charges continue to mount up ( CC co BofA says they blocked it but dont look like it, charges still kept comin), so itunes email only support just several emails of bs form letters, but like i said apple ipod support did what they would not. at least stop the travesty. never will buy an apple product ever, will make ure no one i care about ever does, apple is a joke at best. no CC company BoA r saying its a billing dispute rather than fraud, so sounds like they will stick me with the fraud charges regadless of federal law of $50 limit, since each charge is under $50, smells like a stinky set up. so will be several monthes of bs battles with itunes and BoA to deal with and see where the chips fall. neither will ever see biz with me again.
Same thing happened to me. They let me back into my account but refuse to admit that if I couldnt get in “HELLO” then someone hacke dit. Idiots. My unauthorized purchases were also under 50 dollars each. I live in Louisiana.
This happened to me the last couple of days too. Started off by not being able to log in to my account. The iTunes store support were hopeless, directing me to the iForgot website. Duh! I started to suspect something amis when Amex called me and asked me about a suspicious iTunes charge. I also have three charges (first was $1, then two $40)on my Bank card which I just canceled too. My user ID was changed to an email address that doesn’t even exist.
I’m in Michigan.
You can add me to the list. Boston area here. Someone took my account and changed my user name and password so I could no longer get in to it. I only have one computer authorized and no one else has access to it or ever knew my password or account name.
Saturday I couldn’t get into my account and then my credit card company called me about suspicious charges. I don’t know what triggered them to find it suspicious but I’m glad they did and they called me. Someone did two transactions at about $46 each. I just started the paperwork trail now. Still don’t have my iTunes account back yet.
My account was hacked two, three separate charges for about $120. Apple resolved to say they were not at fault and I was repsonsible for the charges. The worst part is that after I locked the card at my bank, there were still outstanding charges that I didn’t make. Now I can’t even remove the credit card number. The final straw was when they suggested I pay for the thief’s outstanding charges with an apple gift card.
Add me to the list, I’m from Maine!
My iTunes account was just hacked too. I have not logged on to iTunes since March 09. I received a call from American Express saying there was a suspicious charge on my account from Apple.com, more specifically iTunes for $42. I told them I had not made any purchases from iTunes in quite a while and told them to block the charges. When I got home, I checked my email to see if someones was accessing my personal iTunes or was using my CC on a different iTunes account. I had 4 emails with about $50 each of crappy music from iTunes that I never purchased. I contacted Apple and like stated about they were absolutely not help and told my to contact AM EX and cancel my CC. I contacted AM EX again and told them I had almost $200 in iTunes charges on my account that I never made. They took off the original $42 and the other 3 amounts I was billed for. Thank goodness AM EX is a stand up company. They are sending me a new card via next day mail for FREE and have removed the charges. I still do not understand how I was hacked and why it was hacked. According to iTunes my account is only good on one computer but yet the person still downloaded well over 100 songs. Is there a way for this thief to play the stolen music?
I don’t think they ever got my charge card number (I didn’t change it and I’ve had no problems since). I think they got into my iTunes account (I did change my password).
If they had my CC number I think they’d have purchased more than $60 of music and videos (and the videos they can’t even play on their computer). I don’t even think they activated another computer to play the DRM / protected music.
I think they just got into my iTunes account somehow. (Or it’s an internal computer error at Apple’s end).
My iTunes account was hacked this morning for a total of $349.58 (8 separate receipts, each less than $50, made at approximately half hour intervals). I canceled the credit card and removed the card information from my iTunes account, changed my Apple ID, password, and security question, and de-authorized all machines associated with the account. My credit card company asked me to complete a fraud claim and will take the issue up with Apple.
I did manage to speak to an Apple representative who, GET THIS, suggested that I select ‘none’ as the payment option and make payments with iTunes gift cards rather than saving credit card or debit card information on the iTunes store.
Wow, add me to the LONG list of people that have had charges for itune purchases charged to my credit card. I promptly emailed itunes and they told me to cancel my itunes account so I did and had to cancel my credit card/ATM card and get a new one issued. Now I would like to purchase an application for my iphone and can’t because my account says that I still owe $32????? I thought they had taken care of this, but obviously not. I thought I could open up a new account but it won’t let me because it says that that email address already has an account-ahhhh!!!
Ditto to all the above, 5 purchases, disabled my account from future purchases. Now what?
Got an email receipt from iTunes for $57 in purchases yesterday. Knew I hadn’t purchased so immediately called iTunes. They advised me to change my password and contact my credit card company. Called the cc company and they showed the charge pending but not yet posted to my card. (Guess I’m lucky to have caught it so early.) They said I’d have to call back when the charge leaves pending status to dispute and launch a fraud investigation. Meanwhile, I cancelled the credit card.
AFTER I reported to iTunes that my account was attacked, changed my password and cancelled my credit card, someone purchased another $19 through my iTunes account only the charge was declined by my cc company because I had cancelled the card. So now, my iTunes account is blocked and I can’t change the payment method to “None” because of the unpaid purchase.
I spent 1.5 hours on the phone last night with iTunes. The first associate said iTunes could do nothing because this was a problem with my credit card. I yelled at her and got connected to a supervisor. Initially the super asserted the same. Said someone stole my credit card number and set up their own iTunes account charging their music to my card. Uh, then how did I get the receipt in my email box? And why is the music showing in the purchase history on my account? And why haven’t they charged anything else to my credit card? “Oh,” she said, “You’re right. Someone got into your iTunes account.” After that, she was actually very nice and tried to be helpful. She advised me to change my password again, as well as my security question and (GET THIS) my birthdate! I asked, “Don’t you want to know my real birthday.” The answer , “No, it’s only used as part of your security credentials.” Never mind how I’m supposed to remember the fake birthdate.
At one point, she said I should not download any of the hijacked music (Like I listen to Ludacris anyway.) and in fact should not do anything in my iTunes account until my cc company completes their fraud investigation. (Who knows how long that will take?) In order to continue using iTunes, she suggested I set up ANOTHER iTunes account, using a different email address which I “could set up on gmail or hotmail.”
She said sometimes theives get your iTunes password by hijacking email, so suggested I change my email password. Then walked me through downloading malware scanner (www.malwarebytes.org) to check for other viruses. Then she called another iTunes support line on my behalf to ask them to deactivate all the devices associated with my account. The first person she got on the other line refused because they only support iPhone and iPod Touch (but I have a Nano). But like I said, this girl was really trying to help me so she called the other help line AGAIN and got a more helpful operator, who deactivated all my devices. Then my supervisor, who I’m in love with at this point because no telephone support person has ever gone this distance for me, helped me reactivate only my computer on the account.
At the end, she said, “You’ll still need to have your credit card company launch a fraud investigation to get the charges cleared from your account.” I’m like, “Ok, I can do that,” and I’m feeling pretty good.
Then this morning I get an email from somebody else in iTunes support saying I have to pay the $19 in charges which were declined after I cancelled my credit card! She wrote, “I know you didn’t make this purchase, but we can’t refund something that has no value and since this was never paid for it has no value.” I wrote back, “I don’t want a refund! Just remove that transaction from my account. You allowed it to go through AFTER I reported my account had been hacked and cancelled my credit card. It’s your responsibility.” She wrote back AGAIN saying, “I just want you to have the information you need so that you can deal with this situation. It’s required by your credit card company. You’ll need to pay for the $19 even though you didn’t purchase them.” !!! My friends, I am not kidding. I have it in black and white from iTunes support. I called my credit card company AGAIN today and they said no way, I do not have to pay the charge which was made after I cancelled my card, but iTunes has still blocked my account.
Here’s the bottom line: iTunes is exceedingly vulnerable to hacking but iTunes wants to do as little as humanly possible so they take no responsibility for it when a hack happens.
i have just been hit for £220+ have canceled my card, but noe is saying there is a problem with itunes and will not let me in. on top of that my itunes account has been changed to China, i am not in china I Live in England, i am at a loss anyone know how i can change my country back to u,k i just keep getting error messages about outstanding charges.
it seems itunes is not doing a good job at all. my account got hacked too, and i was charged for $1357.35!!! my cc bill really scared me.
hacker even deleted my account. i had to recreate my account. i don know how that could even happen.
I’m yet another one. Was taken for $253 before I caught it. I’ll refrain from stating the details as you can just chalk mine up as a carbon copy of the other ones.
Apple is absolutely useless in assisting with this. They seem to be in the phase of denial like Toyota was before it all blew up. What sucks is we’re the lucky folks who got nailed before Apple was forced to deal with the situation. I can only hope that some of their executives get their accounts hacked so they can wake up to this B.S.
For now, I went to our local grocery store and bought a pre-paid credit card. That way I cap what can be stolen from me. There is obviously NOTHING being done by Apple (where the problem/security hole lies) and therefore NOTHING preventing this from happening again. Without the AppStore, the iPhone is just another phone. So this was my answer to taking care of a problem because Apple won’t.
My Credit Card company called to verify ‘unusual’ transactions
yesterday from Itunes. 22 transactions of the same amount (about $56 each), all the same day. Tried to log into my Itunes account. Got a message that my username didn’t exist!! Could not log in. Apple basicly saying to have my CC company deal with it. Had to cancel my card. I have not recieved the usual invoice in my email. Apple did verify the charges were made, but that all the ifo they would provide. This is not good.
Hi,
Same thing happened to me today – username and password suddenly didn’t exist… checked my account and loads of transactions were made of about the same amount.
Great, like I don’t already have enough stuff to deal with this week.
Clearly this a major security breach, and one which apple doesn’t really seem to have control of (or doesn’t care about?).
I like Apple products, but it sucks massively that they are pretending this isn’t happening. I will not be keeping any more cc details online with apple.
Same thing happened here.
Today I have received four SMS form my credit card company telling that someone was trying to buy music for about 250 USD.
But luckily CartaSi (VISA) has a policy that protects from unauthorized expenses: if you suspect a fraud and you call immediately, having the SMS service active, you will not be charged for anything.
But reaction time is essential…
I have read that some clues point to Boston: well, living in Italy I must say that I had been using the involved card number for paying a Boston cable TV network for my son…
And that last year I had to change another credit card number under a strong cloning suspicion. Same kind of payment in the Boston area.
Now I am going to have a rechargeable card to use for those payments.
man. same problem with me.. kinda. someone is buying music off my account so i changed my password and they still managed to buy more music. how gay. ima have to contact my credit card company now
I have had the same thing happen. All dated the 12th & 13th of March.
I have contacted my bank and they have launched an investigation.
Apple is no help and my itunes account is blocked until I pay an invoice.
I think Apple are not doing anything about the issue as at the end of the day they are still getting paid. It is the banks that have to pay.
I saw a news article whiloe i was researching this. The Japanese have started an inquiry into this. http://www.google.com/hostednews/afp/article/ALeqM5hamiG-B6J4M-UaUfmO0qxGjcLwqA
I have received a kind but useless formal response from Apple:
“Hi Mario,
Hello and thank you for being patient. My name is ******, I’m a Senior Advisor here at the iTunes Store and your case has been escalated to me to ensure that it is handled correctly. I understand that your account information has change to Chinese. I do want to apologize for the inconvenience this has caused you. I definitely understand how this can be an inconvenience.
I can definitely cancel your account but, first the unpaid order will have to be paid. What you will need to do is add your credit card to your account and paid the unpaid for $39.95. Once the order is paid I can issue you a refund for the order. You can not change your account information until this order is paid.
I also recommend that you contact your financial institution as soon as possible to inquire about canceling the card or account and removing the unauthorized transactions. You should also ask them to launch an investigation into the security of your account. Your bank should then issue a chargeback for the purchases in order for you to be reimbursed for the charges. The iTunes Store cannot reverse the charges.
In the meantime, I strongly recommend you change your account password immediately. Changing the password will help to prevent anyone else from using your iTunes Store account to place orders without your knowledge. To increase the security of your account, choose a password that has at least eight digits and includes both letters and numbers. You can change your password using this website:
etc. etc.”
to which I have responded:
Thank you for your response.
First of all my account information has not changed to Chinese because of my will, it has been HACKED.
Consequently I cannot access my account anymore because the scum that has hacked it has obviously changed ANY information and password.
As I told in my first message I suffered no financial damage because I could immediately block my credit card while the hacker had just began to buy fraudulently using my hacked account.
Surprise for him!
Reassuming: I have already blocked my card, I have already informed the authorities, filed an IC3 complaint (Complaint Id: I1003152016455832) but I CANNOT access my account in any way. I can survive without it but I would prefer to close it, obviously, instead of letting some Chinese guy to use my credentials.
Besides that I am not prone to pay any amount of money for a security breach of your system, a breach that I have learned is well known (reported in many newsgroup on the Internet, as I have verified after what has occurred to me).
And even in the remote possibility I would accept to pay for a fault that is not mine I could not, because I cannot add any credit card detail to an unreachable account…
I am wondering how long they will deny the truth…
Thanks everyone for your comments. Same thing happened to me (except I never got the chinese comments!). But I cannot access my account, iTunes unreceptive, I canceled my card with the bank, etc. So frustrating. iTunes is a real let down. Back to buying CDs and uploading them to a computer and then downloading to the iPod. Or, the prepaid $10 card from the grocery store.
Similar things here. Charges started appearing on my online bank statement; when I tried to access my iTunes account, my password had been changed. When I tried to reset my password, I was told that the iTunes account could not be found. Contacted Apple, and “Buddy” advised me to contact my bank etc. (duh), and that I should change my iTunes password. I told him that he should actually read my original email so he could learn that I no longer had access to my account.
Just out of curiosity, I went into iTunes and tried to recreate my account using the same ID as the old, compromised ID – and I was able too. So apparently the hackers accessed my account, grabbed my card number, created a new account with the card number and then deleted my old account.
In my new account, I’ve removed credit card information; I’ll add it in with each transaction – a pain, but maybe that’ll keep this from happening again.
And, like everyone else, the lesson I learned is that Apple is useless when you have a problem with their security.
Bob, the only thing that prevents from doing the same is the fact that I fear that as soon as I recreate my account using my credentials and a new credit card, before I can put “none” as a payment method, Apple will charge the new CC for the unpaid songs that the hacker has downloaded but not paid (because I have immediately blocked the previous card)…
Anyway I have written to a consumer association and to an italian TV show that often deals with such PITAs…
If they call me I don’t think that Apple would eventually make a good impression on the public opinion
:)
Mario, I just learned I’m in the same boat as you. The hijackers managed to get two $40 charges through to my bank before I stopped the card, but that left a $29 charge in limbo in iTunes.
Apple finally managed to restore the hijacked account to me, but I can’t use it until I pay the $29 outstanding (so the site says). I’ve emailed “Buddy”, the ever-helpful Apple guy, asking him to clear the balance and remove the downloads from my library.
I must say, Buddy has been responsive, but it’s interesting how new this all seems to him; every new discovery requires a conference among his experts. It’s almost like they’ve never seen anything like this before . . .
Here’s the latest from Buddy at iTunes:
“Thank you for your quick response. I understand that you are still having issues and I apologize for that.
Now that the account has been reenabled the only way to clear this would be for you to pay for the delinquent invoice and then once it is paid for I will investigate getting it refunded.”
. . . yep, he wants me to pay for the downloads the hackers stole from him, and then he promises to “investigate” getting me a refund.
Here’s my response to him:
“I’m afraid I will need more assurance than that you will “investigate” getting me a refund before I pay a fraudulent invoice. The hackers accessed my account due to a security flaw in iTunes; I see no reason why I should bear the burden for the failure in your software security.”
. . . I suspect this will be the end of a beautiful relationship.
My iTunes account was hacked last Saturday. 3/20. The good news was that iTunes sent me notification of ‘purchases’ — both apps and other things — which tipped me off, American Express was already on it, noting the change in buying pattern.
The experience, including the meaningless, polite e-mails from Apple was identical to the stories above. I have not recreated my account — although I changed my iTunes and .mac passwords and got a new credit card — just to let some time go by and hopefully Apple will formally address the problem. When I asked them very politely if they knew where the vulnerability was, iTunes? the iPhone?, they said that my lawyer could call their lawyer… oh, please.
I have no interest in either paying for the hacked apps nor ending the “beautiful relationship.” Clearly someone found a way into iTunes, and they need to admit it, make us whole, and close that flipping door!
Jim,
Can you paste a copy of the email regarding the vulnerability? Could be handy to me. Thanks,
And just a quick update on my case, someone agreed to fix my account and then the case was handed to someone else who said they cant fix it. I seriously doubt that they are unable to credit it, only that they dont want to. And i’m not paying the bill, I am investigation action with my local civil and administrative trimunal.
____________________________________________________________
Dear Russell,
My name is Jim and I am Senior iTunes Representative, I am working on your request from now on.
I am sorry to hear that you have some fraudulent purchases on your account and that the last order ************** for $***.** requires to be paid in order for the account to be changed to the way it was before. I am glad that you reported this incident to the Police, Apple is very good about following up with local authorities to fully prosecute people that do this kind of things.
I’m currently waiting to hear back from the department that is taking a look at this issue, so the second I have more information about this I’ll contact you immediately, I am also working in getting a code to take care for this pending purchase; I would need to have your permission to reset your password to apply this code to your account if the code gets approved, so I need your permission to do so.
__________________________________________________________
and then i receive
__________________________________________________________
Hi Russell,
My name is Raymond I am a iTunes Store Senior Advisor and I have been personally assigned to assist you with your case. I see that you are concerned with a charge that was made on the account.
Unfortunately I am unable to remove or credit the purchase in question I have tried and there is no way to remove it from the account. You do have two options available to use with I will go over with you below. The first option is to simply enter a valid credit card into the account and pay for the outstanding order. Then I will refund the order back to you so you don’t have to pay for the order in question. This is the simplest way to keep your account active and able to update applications and use the iTunes Store.
The second option if you still refuse to pay for the outstanding order in question is to create a new account with iTunes. You will need to create a new account and provide complete billing information including providing a valid credit card. Then after creating the account you can continue to use the account. Do understand that all CMA, iTunes+ offers and applications updates will not be on this new account. You will need to repurchase the applications for them to update with the new account. Music purchases from the old account will not work with the new account.
So as you can see both choices do choices to make and I would honestly just pay for the outstanding order so you can continue to use the account just like before. You can take all the time you want to decide on what you want to do. I will be looking forward to hearing from you soon.
_______________________________________________________
I q
Well, after mine also my cousin’s account has just been hacked.
I told him a week ago to keep an eye on his card balance and to change the payment method to “none”. He agreed but forgot to do it.
Today he called me: at least 150€ has disappeared from his account without triggering any security alarm. Maybe the 50€ expense lower limit for an SMS to be sent was too low…
What is interesting is that he was considering to buy 8 iMacs for his medical center.
What I know for sure is that for now he is reconsidering to buy some Dell…
Well done Apple! Applause!
my account has been hacked as well. An purchase of $974 (for a video surveillance app)was made as well as many smaller ones over the last few months.
Thank goodness AMEX is taking care of it. I have removed any CC from the account and changed the password.
I have been dealing with a helpful rep at apple, and like others have said, they will not remove the charge, However he did say that “While investigating some of the purchases, I see that there are multiple iPods authorized for the purchases, often on the same order. Just as an example: on order Mxxxxxxxx – there are 2 iPods authorized and one iPod downloaded the “ColorSplash” app while the other iPod downloaded the other three apps on this order. Unfortunately, I can’t tell whose iPods they are. Apple assigns a specific number to each device used on the account, but they are for internal use only and would not mean anything because they are not related to an iPod serial number.
So it appears to me that somehow, hackers are linking their ipods to legitimate accounts. and it appears that apple is very aware of this problem
Add me to the list…
$820 worth of fraudulent purchases were made on my account on March 26. I canceled my credit card and initiated the investigation/dispute charges procedures. iTunes support is giving me the same run-around about paying for the pending $14 that didn’t make it onto the card before it was canceled. They did however remove the 717 items that were available for download on the account without any issue whatsoever.
I find it sickening that this thread of comments is nearly a year old and iTunes Store STILL has not resolved this issue.
I am quite certain that iTunes Store will never receive my business again.
I was hacked over the past couple of weeks, and am £455 down at my bank because of it.
When I couldn’t get into my account I contacted iTunes, who told me my account name had changed and that was the problem. They must have known what was going on, but didn’t bother to inform me I might have had fraud perpetrated on my account!
I have been passed from pillar to post, from iTunes to bank, trying to find out what happens now, and if I’m likely to be able to recover that money. I only saw the purchases by chance when I logged in to my bank account for another purpose. Then I saw a string of about 20 purchases, all for between £20 and £28 each.
iTunes have been blandly “sorry” about the whole thing, and given me a ton of advice about seeing my card company and so-on, but have flatly refused to refund, despite the fact that this is so absolutely atypical of the way I run my account. I haven’t downloaded the stuff yet, have no idea what it is.
How can this have been going on for so long, and yet they still refuse to correct, or even acknowledge the problem?
I just ran into this today found $460 charged to my debit all from ITunes. I’m convinced there is a bad app on the app store since I didn’t get high-jacked till after i bought an app on the app store last week. The only time I log in to my account is from the app store on my iphone.
Frank, I fear the problem is much worse: I never bought an app, just music.
BTW, I have received another email from Apple. Now they are promising a reimbursement but before I should pay for the unpaid (fraudulent) downloads.
And they are unpaid just because I was able to block the card before the hacker could complete the third transaction.
I got done yesterday as well. Thought my pc might have been hacked but I thinks it’s at the itunes end as virus scan pulled up empty. 6 transactions worth about $30 each. Bastards.
This happened to me today too. $100 worth of gift cards charged to my debit card on my iTunes account. The bank said that since the charges are in pre-authorization stage that iTunes should be able to reverse the charge but they refused saying I have to go the dispute route through the bank. It seems like with gift certificates since they have the email address they were sent to they would do something but I guess not. Bad, bad, bad customer service.
Just had about $40 worth of apps dloaded, i received the receipt and I’m trying to see what Itunes does about it! unfortunately itunes is linked to my bank account throught paypal, so I have no idea how to fix this! i hope to hear from itunes soon!
I had to come back and say, Buddy from iTunes stuck with me and made it “right” in the end. I paid for the “stuck” downloads by putting in my new credit card number, paying for them, and then removing the card number from the account – only after explicit assurance from Buddy that he would be able to reimburse me.
And he did; a couple of days after I paid for the hacked download, a credit appeared on my bank statement. It took a couple more email iterations to clean up the account, but I appear to have my original account back under my control.
And Buddy gave me three free song credits to thank me for my patience.
So, maybe iTunes is learning how to respond correctly when a customer has a problem arising from their poor security. . .
Argh… just woke up to find $400 worth of iTunes purchases on my account, all made around 4:00 AM. I can’t even tell what half of them are because the titles are in Chinese.
Guess it’s time to call Apple see if Buddy is working today.
Had a bunch of charges on my itunes today. 4 separate invoices for about $45 each! A few movies and a bunch of Chinese songs, like the guy above me.
I have just had the same issue with my iTunes account being hacked. They were apps as well as songs and games. They also took some movies all to the tune of about $150.00
I have had the standard reply from iTunes but can not believe that it is still happening after all this time.
Hi. Its Alan in the UK. I just got hacked as follows. I wont leave credit card details on Itunes in future.
Details:-
Within hours of trying to connect a new Iphone and upgrading from Itunes version 7 to 9 someone has full access to my account and was spending lots of dollars (i SPEND IN £!). My itune account has been registered to an additional computer and the country code has been changed.
I have taken technical support with Norton symantec and they say :- this issue is not due to any security breach in the computer. It is a security breach online in the website. The Norton program has secured your computer from any breaches. I have suffered no other fraud in this attack apart from Itunes which makes me very confident the issue was limited to that program. I take my on-line security very seriously so I do want to understand how this has happened. The timing of it is very strange as well. I have used Itunes for years with no issue.
I woke up with a 40 charge from itunes and then 1.00. Called my bank and since they were pending I was advised to wait til they post to dispute the charges. Tried removing the card in my iTunes account online and it didn’t work. Left an email for iTunes about the situation. Changed my login and password then saw that my cc had the expired date so I stupidly updated that as well thinking that changing the login and pw was the problem. I then went into the iTunes account through my iPhone and was able to remove the cc to “None”. I also tried to go into my iTunes account on my pc but it would not allow me to connect to my account. Possibly changing the login and pw held it up?
Then later in the afternoon had 2 more charges; one for 1.00 from APL.APPLE and a $50.00 from iTunes again. So I called my bank and had the card cancelled. One possiblity I’m thinking of is that the iPhones were hacked into. My son, daughter, and myself are all on one iTunes account and have it loaded onto our iPhones. Could someone have hacked into one of them?
The most frustrating part is not being able to speak with a real person at iTunes. Apple said they couldn’t help me only iTunes could and they don’t have a phone. WTF?? No phone. I guess not since hundreds of people are having their CC #s stolen.
The same thing has just happened to my partner. Fortunately he got an email from iTunes saying thank you for your purchase of a tune he had never heard of (less than £1 value). He cancelled his debit card and contacted iTunes to receive the standard ‘helpful’ email but is unable to follow the instructions as UK no longer exists on the drop down menu, everything is in Chinese so just has blank squares instead of character and you can’t change anything without putting in payment details. He is not keen on putting in a different card and the old card won’t work as it’s been cancelled. His address and phone number have been changed and the number of authorised computers has been increased to 2. Seems like the same old problem that Apple have done nothing about.
My iTunes account was hacked yesterday. Got an email receipt about one charge. Now I cannot login to my apple account (iTunes, AppStore, etc). iTunes tells me my account is logged in from China. Check out the screenshot!
http://img.skitch.com/20100409-d2ms1fmf16y82rww2mxcy4ncqr.jpg
Card cancelled. Now I gotta figure out how to get my iTunes account back so my phone is functional (well, the AppStore)!
Same here. One download trnasaction for £0.99 (UK) then 2 (US) purchases between $40-50. Itunes ID has been changed (found this via Apple support email by using previous receipts) as well as password and security question. although Apple have found hacked account they won’t cancel account or reset password. Have cancelled card and card copmpany have instigated a fraud investigation. Apple have one large security issue. They know what has happened – why don’t they act?
I find it HIGHLY suspect that only one person who commented here had the problem solved by Apple. Just asking, does “Bob” work for Apple?
Same problem here. Two unrecognized charges, many with Chinese titles. Apple did not help. Disputed with bank. A third charge appeared, but is unresolved with Apple because bank suspended credit card. Apple refuses to erase unresolved charge. They want money first; then they will issue a credit. This whole process took 2 weeks: Apple is very hard to reach and not very helpful.
What can we do to bring enough negative publicity about this problem and force Itunes to take action and stop these hackers? I am in NZ and have also had the misfortune of two unauthorised purchases of just over $60 each made on our account. This was preceded by a single song download the day before. Our credit card company’s fraud department were onto it before us and had already blocked our card and did not honour the payments. Our account had also been changed to Chinese so we couldn’t log into it. Itunes are insisting that we pay for the unauthorised transactions before they’ll credit our account – no way! Our account has been cancelled and removed from our computer.
For some reason I had a charge for 1.70 on my I Tunes account and I never ordered the movie or whatever it was. It came back that some kim in upstate NY had bought the movie with a ID I had made on yahoo. How they got into my I Tunes account that I have not used in almost 2 years I just don’t know!
I’ve scanned my computer for everything, and anti-virus and spyware has not come up with anything. Only thing I could think of is wipe my apple and pray that it was the cause. I’m curious if there’s a virus for apple that’s stealing information? Either that or Apple Corporate has a security problem! With all the people I see commenting on here, something is definitely wrong. I’m suprised they can’t track the IP address from whomever purchased the items to go after them.
Oh, and my last comment here is I’m not buying a mac book pro now because of this! Your Customer service sucks with i tunes!
My account has also been hacked. The country code was changed to China and there have been multiple apps/games purchased, mostly in chinese. Total $495
Never use my account but did a series of virus checks anyway which all came back clean on my computer. I am from the UK and all purchases were in $. Completely wiped out my bank balance and will take 5 days to get sorted.
Guess I will be living off beans for a while….
Nothing new from Apple about my case.
I have responded to their latest email providing the information they were asking for (latest purchase receipt etc. etc.).
Still no answer (it’s a pitifully slow process of sending emails back and forth)
Surprisingly only one case has been solved, as Sally said.
I wonder if someone else’s problem with iTunes has been positively concluded. If so, please let us know.
Same thing for me….earlier this week I had 3 iTunes receipts in my email from approx. $50 each that I didn’t buy…the most I’ve ever bought in my purchase history is $10 or so! Many of the titles were in Chinese, and there was an issue of Black Man magazine (I’m Caucasian.) Called iTunes, and they could offer no help other than to contact my bank (which I did), and canceled my card. Good thing, because I see they attempted another charge. I’m SO mad that iTunes won’t correct this, and it’s been going on for a long time!
Hi, I have the same problem. Close to $400 in charges March 24-26, 2010. Through a chat with Apple I was told my user ID was changed in April, 2009 but she cannot explain why I have been able to use my own ID until March of this year and continued to receive purchase confirmations. Now I am blocked out and afraid to reset everything. I cancelled my credit card but they won’t process as fraud only as a billing dispute and Apple says they take no responsibility for “hackers”. There is NO protection for the consumer here. Apple told me they do not notify you by email if the id is changed. My billing dispute has been denied by Apple. Has anyone other that Gary had any luck getting their money back. Does anyone have a contact name, phone number of someone at Apple who can help at all. I just get the standard answers. We’re sorry, we can’t help you, file a billing dispute with your card company. Bank of America card company says they don’t even have a phone number for them.
IT’S STILL HAPPENING!!!! I was charged two $50 gift cards. The email receipt said gift for jack, gift for jeff. I clicked “Report a Problem” and changed my password.
The response from Apple: USELESS!
Hi Mario,
Thank you for providing the information that was requested. I have reset your iTunes Store account password for you.
Your account name: xxxxx@xxx.it
Your new password: xxxxxxxxx
I advise you to change this password to one known only to you. To increase the security of your account, I recommend that your new password be at least eight characters in length and that it include both letters and numbers.
You can change your Apple ID password at Apple’s My Info site:
http://myinfo.apple.com
1) Select your country and language.
2) Enter your Apple ID (account name) and the password provided above, then click the Log In button.
3) Select the Apple ID option from the column on the left.
4) Enter your new password twice, then click the Save Changes button.
Changes will take effect immediately. After that, sign in to the iTunes Store by following these steps:
1) Open iTunes.
2) From the pull-down “Store” menu at the top, choose Sign In.
3) Select the Apple button on the left of the Sign In window, enter your iTunes Store account name and password, then click the Sign In button.
Thank you for your time.
Sincerely,
xxxyyy,
Senior iTunes Advisor
Please Note: I work Sunday-Thursday 8:30 am – 5:30 pm Pacific Time
Thank you for allowing me the opportunity to assist you. You may receive an AppleCare survey email; any feedback you provide would be greatly appreciated.
—————————–
Thank you, but I cannot read Chinese…and my account has changed to Chinese!
Besides that I would like you to assure me that the fraudulent purchase that the Chinese guy who has HACKED my account has done will not be charged on my card.
Reassuming
Now I can access my account BUT:
I cannot change language and I need help to do it
I need assurance that I will not be charged for the security flaw in YOUR system
Otherwise I am not interested in using my account anymore Thank you
Mario xxxyyy
Pityful…
Latest update: in order to change Country an language I should PAY for the fraudulent charges.
It’s becoming a matter of principle: next week I’ll contact a Consumers’ association
Sad awakening to reality from “Apple’s dream”…
I have just received an email from Apple assuring that I will be reimbursed AFTER putting a valid CC number in my “resetted” account.
Well, I have just done it (using a “virtual” CC charged with just the money needed – about 36$) and now I am waiting.
In the meanwhile I have changed, obviously, anything “sensible” from my email address to the account passwod to any personal detail and question etc. etc.
I have also asked to deactivate ALL the 5 PCs that has been authorized (mine are three…) and I attach here a link to the items those hacking scums have downloaded (the ones fom march the 13th on)
http://www.mypicx.com/04132010/Chines_hacking_of_iTunes/
Double click on the fuzzy image to see a decent one…
:)
Now let’s see what happens
Sally Grant, I’m not an Apple shill, although I don’t blame you for being suspicious. I suppose one reason why I’m the only story with a happy ending here is that people are much more likely to post when they’re pissed; once they’re satisfied, they tend to wander off. That’s what I did (I still haven’t responded to Buddy’s last email to me of March 31 to thank him and let him close my case).
My initial correspondence with “Buddy” didn’t start out well. He posted the same boilerplate response that everyone else has received on first complaining; I responded sarcastically, accusing him of being an automated response; and then he responded again, breaking the Apple script to assure me he’s a real person.
His mild response embarrassed me, and I kept my tone civil and businesslike for the rest of our “relationship”. On re-reading his emails to me, it looks like he always sent me the canned Apple response, but inserted his own response to me in front of the boilerplate. It took 11 days and several iterations of emails to get all the issues fixed. He would suggest something, I would try it and then give him blow-by-blow details of what happened, and then he would confer with his experts and get back to me with another thing to try.
My sense is that Buddy and others like him don’t know a whole lot about the iTunes systems. It seemed that he always had to confer with an expert before making his next suggestion, and the initial suggestions were all the same stuff everyone else is getting; it was AFTER I had replied, telling him in detail what had happened, or why it didn’t work, that he’d come back with a better solution.
My final leap of faith was in entering my new credit card number to clear the last $29 charge on my account. I told him I wasn’t willing to do that based on his assurance that he would “try” to reimburse me. He came back and flat-out guaranteed that he was authorized to reimburse me, and would; I took him at his word and it worked out okay – he reimbursed me within a couple of days. That said, if it had been a $400 charge, I may not have been so trusting.
I think I was lucky in getting the one guy who was willing to try and actually help a customer, rather than responding with the legally-approved but useless verbiage the company lawyers generate. Too bad there aren’t more like him.
Apple has issued a reimbursement also in my case: I had decided to pay 39.95$ after many reassurances of a reimbursement and they have done it.
On the old and blocked card…but these are details…
:)
They have deactivated all the authorized PCs and reset my account
Thank you
Heard from Apple – they reset password but account had been set to CHN so couldn’t understand display. They insist that a new credit card has to be entered in order to change country. So did this, changed to UK and immediately removed card info. Changed name, address and email to something useless and saved. Will not be using Itunes again. One point Apple told me that you cannot change the country to something different to the card issuing country. How then did someone change to CHN with a UK issued card? Their security really is something awful. I did email sjobs&apple.com with complaint and my case was taken over by someone else – not much improvement! Goodbye Itunes :)
I got a itunes theft yesterday and they took $930 from my account which I need to keep for my rent. Thankfully, I just disputed my $930 back after visiting my bank teller. I changed my check card number and erased my itunes account. I got upset that apple didn’t care about this theft things. Is there anyone sue them? There customer service sucks.
I got hacked yesterday. Six transactions totalling just undre $250. Closed the CC.. changed iTunes Password. iTunes also locked my account because I closed the CC while the robbery was still in progress.. therefore about $10 in purchases were made that never made it to the credit card before it shut down. Now Apple says they will only refund the $10 in charges if I put a NEW CC number on the account, then they will charge it..and credit it back.
I’m still hesitant. Oddly enough.. the next day (today) my iPhone quits working around lunch… basically bricked for no reason.. says no SIM card.. got a new one.. still says no SIM Card.. won’t go to Home Screen says “Connect to iTunes.”
REALLLLY starting to get skeptical about the quality of Apple products.
Signed into my hotmail account on 04/24/10 and discoverd 5 confirmation receipts from itunes totally over $200 for purchased that I did not make. Most of the applications that were purchased were for the new iPad which I do not own. I email iTunes and am awaiting their response. In the meantime, I’ve cancelled my CC and have place the transactions in dispute with my bank.
April 21, 2010 at about 7:45am unauthorized charges began to show up on my account. I received an email for 2 purchases I did not make. The first was for $1.00.The “Report a problem” link does not work on the email. I immediately went to the website and reported the unauthorized charges were a problem and charged without my authorization. I finally found a phone number and the rep told me iTunes would be back in touch in 24 hours. I explained to her that we did not have 24 hours because someone was making unauthorized charges now. She walked me through changing my password and deleting my credit card and said someone would contact me. I went back to my bank account and found that I now had SEVEN CHARGES (Keep in mind this was less than an hour after discovering the fraud). I contacted my bank and told them about the fraudulent use of my credit card and we canceled that card. 5 of the charges are just under $50.00 ($45.84, $43.61, $45.54, $42.57, $49.13 . Now I am in Limbo waiting to file a fraud report while iTunes (not some unknown scammer) has my money. iTunes knows this is going on. When someone adds a new computer to an account and begins to make $50 charges as fast as they can an alert should go out automatically. At the very least with this problem so rampant itunes should have an easy to find “report a fraud” link. The entire site is devoted to sales and 1% to customer service
My account has been hacked for about $260 over the last month. Same outrageous response from iTunes customer service as all of the above. It’s astounding that Apple, the king of product design and customer service is totally blowing this. They won’t even acknowledge that there is a problem with their security. I told them I would not reopen my account until I had some assurance from them that the problem has been addressed and fixed. I’m not holding my breath. Really sad.
SAME! but i am a student and from the UK. i have an ipod touch and my account was hacked, with someone buying apps i would NEVER buy (boy,violent games). Its really annoying coz i cant seem to find an e-mail address for them, and it costs £35 a call :'(
Add me to the list. I could not sign into my iPhone this weekend to update apps. Today I tried using my PC to check into my I Tunes account, and same story as everyone else. My UserID had been changed. I feel lucky with only $120 of fraudulent charges. I cancelled my credit card (and will now need to spend lots of time dealing with recurring charges which will now bounce).
I created a new ITunes account, but was not able to link it to my old one. My applications would not update. It said I did not own the “full versions” or something. I was able to get Apple on the phone. Two very nice people helped me. It took about one hour to get everything straightended out so my new account recognizes my old purchases.
I’m done with the Apple store. I’m purchasing MP3s on Amazon. When my iPhone contract is up, I’m getting an Android. This is scary. I travel overseas often. If they had my account while I was traveling for a week, they could really do some financial damage!
Add me to the list too.. tried to download the free songs today on itunes and it said my password was incorrect. When I tried to reset it, it said my userid and account couldn’t be recognized. Then I checked my bank account and found $250 of charges! My bank had already flagged the card as possibly being stolen and stopped other charges from Apple coming through. Now I have to get a new card and have recurring charges changed from other accounts.. what a pain! Next step is to contact Apple and hope they are helpful. I’m going to call the 1-800 number unless someone has a better number I should call?
i had 7+ charges from 4/26 from itunes that were fraudulent. not only that I am no longer able to login to my account. It says my apple id is invalid or does not exist.
I’ve emailed apple support, but no response yet. Tried calling their support, and they would not support me unless i purchased apple support care…
This is ridiculous… Amex was able to stop the charges from coming and the 7 that went through are now being disputed.
If apple is aware of these fraudulent issues, they should have a dedicated support line to deal with this.
I had same issue on April 19th. When I checked my account, someone suddenly took out money from my checking account which transaction named as itunes. I lost 920 dollars in a day by splitting about 50$ each transaction. Fortunately I told it to teller next day and disputed it. Apple is using AES-CRC encryption with 128bits which makes their security level lower and faster to users. Hope people aware that itunes is unsafe.
Got hacked also today, just not in Chinese.
I am just shocked how the email I recieved today looks exactly like the emails some people got last year for the same problem.
My bank already reverses the charges and just wondering if iTunes is going to make me pay for the reversed charges if I want to enable my account again
I also had the same problem today with my itunes, april 28th, within 30 minutes, 3 purchases of 150$.
i contacted apple and waiting for their response, if i dont get what i want, i request that we file a law suit against apple. i very much have the resources to do so. if you guys can back me up.
My iTunes acct was hacked by the Chinese. Bought a bunch of Chinese apps with my $62 balance from gift cards. Luckily, I don’t have a CC attached to this account.
Scary bad Apple iTunes security allowed this to happen.
The thief changed my acct name, email, and password. At no time did Apple send me an email to confirm these changes or make me aware of this fraudulent activity. They email me when I download a free app but can’t alert me when my account is changed?
So, no refund and I can’t even download the apps that were purchased with my money.
What a joke. How is this even legal?
I just bought my iPad and will probably sell it and my iPod touch now that purchasing apps are to much of a security risk.
To add insult to injury, the support agent had the nerve to tell me that this kind of thing is rare and of the millions of transactions, it hardly ever happens.
He should check out this web site…
You’re right “They email me when I download a free app but can’t alert me when my account is changed?” so many sites offer this.
Even to require you to do a confirmation to change the account would be a good security option. Some people don’t like this, because if you don’t have the account any more you can’t get the confirmation, but there are options (like it e-mails you every day to the address on file and if you don’t cancel the password change within a week, it’ll let someone do it on-line).
They’re got the “genius” to figure out what songs you’ll like, it can’t figure out you don’t know Chinese?
Isn’t there something that can be done about this? I’ve searched and there are complaints ALL OVER the internet for the past year and yet nothing has been done to resolve it. Why hasn’t there been a major news story on this or better yet a lawsuit. Doesn’t it seem odd to everyone that it appears to be the same hacker? There are always charges for just under $50, a lot of the ones I’ve seen involve iPad charges, and the credit card is ONLY being used to purchase iTunes software. How many times does this same so-called hacker need to download this same software? Apple won’t do anything either because they are making a fortune or because they are the ones charging people. What other excuse can there be? They regulate everything so strictly on your account but yet they can’t tell who downloaded the product or how to stop it? You’re telling me the hackers have everyone’s credit card number and the only thing they want is iTunes software?
Happened to me as well. My account was hacked and stuff was purchased in $40-$60 increments while I was on vacation. I will be contacting my bank tomorrow during business hours. Quite shady, though. Seems like iTunes passwords are just out there for anyone who may want them.
Here’s the incredible reply I just got from Apple after telling them I wouldn’t be reopening my iTunes account as they had done nothing to take responsibility for the security issue and to reassure me that it wouldn’t happen again. I also mentioned how disappointed I was as I had always been such a huge fan.
Hello Jan,
Its good to hear from you again. I do hope that your credit card company was able to return those funds for you.
At any time in the future, if you do decide to come back to iTunes, we here at iTunes Store support will be glad to answer any questions you may have.
We are sad to see you go but I do understand this has been a trying experience. Have a great day.
Sincerely,
Breanne
iTunes Store Customer Support
My account was hacked last week also. The person made 5 transactions ranging from $40-$75 each time. They changed the email, password, and name on my account. I got the account back and see they downloaded a bunch of apps, ringtones, and various songs. There was even some Chinese-English dictionary or some crap. They tried to make another purchase, but I had canceled my bank card by then. I’m not planning on putting in a new card, because it looks like that last transaction is pending and I don’t want another bogus charge.
Thanks, Bob. I just find it so hard to believe that someone actually had his problem resolved by Apple. It is still a big problem as evidenced by Amber S.’s entry here today. Apple knows about this problem and could care less.
This morning at 5am the same thing happened to me. Wasted much of my Saturday dealing with this. The fraudulent person be it Apple or an actual person is still out there. I find it hard to believe that Apple is not taking responsibility for this problem. They wrote me a email:
Dear Kelly,
I understand you are concerned about purchases that were made with your iTunes Store account without your permission or knowledge. I can certainly see how upsetting this would be, and I sincerely apologize for any inconvenience experienced as a result. My name is Simab, and I will do my best to provide the appropriate information in this situation.
To prevent further purchasing, I have disabled your account, “kjkeeffe@rof.net”, and banned the credit card ending 6564 that is listed on this account. Please note that your iTunes account can be enabled in the future by providing specific information to iTunes Store support.
I urge you to contact your credit, debit, or payment card issuer as soon as possible to inquire about canceling the card or account and removing the unauthorized transactions. You should also ask them to launch an investigation into the security of your account.
In the meantime, I strongly recommend you change your account password immediately. Changing the password will help to prevent anyone else from using your iTunes Store account to place orders without your knowledge. To increase the security of your account, choose a password that has at least eight digits and includes both letters and numbers. You can change your password using this website:
http://iforgot.apple.com
If you wish, you can also delete your payment information from the iTunes Store as follows:
bla bla bla a list of ideas then:
I sincerely hope that you are able to resolve this matter with the help of your card issuer. When you are confident the matter is resolved, please return to the Apple Account Information page, click the Edit Payment Information button, and enter your billing information.
Thanks for your understanding, Kelly.
Sincerely,
Simab
The line about hoping I can resolve this with my credit card company gave me such great comfort…NOT AT ALL.. I am so disappointed in Apple. Especially after reading all these similar stories. Someone really should file a class action law suit with Apple.
Kelly K
Ad me to the list they got me for almost $2500.00 I’m going to see if I can do anything legally about this crap this happened yesterday
Found out the culprit used a Keystroke virus. Any know about a keystroke virus?
So add me to the list as well. Like everyone else it started with the site not recognizing my ID and password. After back and forth with ITunes (via e-mail only) I discovered that $933.00 of purchases had been charged to my credit card. When I informed my ITunes Tech about it the response was just like everyone else “The iTunes Store cannot reverse the charges.” My initial call was to Apple Customer Service because, as everyone knows ITunes does not have a Customer Service number. I discovered, per the prompt, that “Apple does not support ITunes for Windows”. Hmmm, I wonder why? Obviously they are trying to wash their hands of the problems I’m sure they are well aware of. What I don’t understand is why, when this first started, they just didn’t e-mail all their customers and tell them to remove their credit cards from the site and only purchase with ITunes gift cards? That would have stopped the problem IMO. Now I, along with most of you, am spreading the word to everyone and everything I know, including the networks. I am on a mission. Does anyone know if there is anything on Facebook about this – because if not, I will make sure there is. Hey if they can get Betty White on SNL they can bring this problem to the forefront.
my husband and i are having the same thing and all they can do is say sorry well if there sorry why cant we get help and why should we pay to talk to a support tech that feature should be free were already getting overly charged for purchases we didnt make and theres no help well i contacted the news and a few radio stations about this and already have it on facebook plus we plan on switching companys
Wow, this just happened to me and I did a search to see if it was a common issue. Guess so. I won’t go into the details but I now have no account b/c the hacker changed my email and password (all while I was in the hospital for 3 months on bedrest but that’s another story but explains why I didn’t look into right away when I started getting messages that my password wasn’t working, etc.). I can’t update my iPhone apps and I think somehow they de-authorized my computer so my music is all gone. And Apple today told me to hire a lawyer b/c my account was subject to an ownership dispute. I think the Facebook thing is a great idea. I just looked and I don’t see any group about this issue. Facebook is getting so much press about their privacy issues but this is much worse if you ask me.
Another frustrated itunes user with unauthorized charges. Luckily, my bank noticed the charges and put a hold on my card. The card is now canceled and my bank said they would start the dispute process, but I’m also locked out of my itunes account due to the “user ID does not exist” problem. Which means I can’t update any of the apps on my ipod touch. Grrr. Was contemplating buying an iphone, but I really don’t think I will be doing that now!! Emailed Apple support and am hoping they can reset my account somehow. It makes me very nervous knowing my personal information is floating out there somewhere.
Just happened to me yesterday. 2 individual amounts of around 40 some-odd dollars each of apps, podcasts and Justin bieber crap. Thankfully found out about it through the receipts Itunes sends. Apparently another attempt was made today but the account that was linked to my Itunes is now closed. Still working my way through it. I hope they find whoever is doing this and bring them to justice.
I just found some unauthorized charges on my Itunes account as well. Fortunately mine were small, but shortly after reporting the issue to Itunes the hacker got into my account and changed the name on my account to Curtis Forbus. It’s disturbing to say the least. Thank you for sharing this information so I knew to act on it right away.
Because it is clear that you can’t see the seriousness of the situation with the iTunes store, I am going to tell you the truth about what has been going on with your account.
Let’s say you are a Chinese guy or girl with an iPhone or iPad and you want to get some music, movie or app. How you do you do it?
You go to http://www.taobao.com: The (by far) largest online market in the world and type iTunes in the search bar. Inmediately you will be presented with a list of more than 7,000 items.
You want to save money, so you filter the list to show only items under RMB25.00- (USD3.60) and still you have more than 3,600 offers.
So you pick some one at random like, as an example, this one:
http—.com/item.htm?id=5516054242
You open the online chat and you transfer him RMB22.00 (USD3.20)
He ask you in the online chat to provide a new iTunes account name and password, and you comply:
User: ———@yahoo.com Passwd: ——–
He asks you to wait 10 minutes online. He has already a number of user accounts under surveillance, so he enters in the iTunes account of his victim, change his/her username and password to the one you provided, and come back to ask you try it and approve the trasaction so Taobao.com releases his money.
Even if you cant read Chinese you can see very clearly in his item description that this account will not last more than 24 hours (the time for his victim to see the charges mounting and then cancel the credit card).
He claims that he select “his” accounts so you can drain at least USD250.00 from them before they get cancelled. He urges you to be fast and buy and download as fast as you can. Start inmediately! Keep the download going on for the full 24 hours! There is no warranties on how long it will last!
Because he already changed the username and password, the victim can’t stop you.
There are cheaper ways, of course! You can join a “frenzy feeding”, where the same hijacked account is sold to several customers. It is much slower and, because it was “opened” maybe hours ago, it will be much shorter lived. It can be had for RMB1.00 to RMB5.00 (USD 0.14 to USD 0.74).
The most important thing, however, is to BUY fast not to download fast. You can download at leisure during the next weeks. iTunes will not stop you: It will only remind you that your (victim’s) credit card is not working and invite you to update your payment details.
Then, if you want more applications later on, you just enter in Taobao.com and get again a new account in a few minutes.
This is the sad reality.
There are a lot of of things apple could do to stop this, like cancelling the hijacked accounts and deauthorizing its computers, making the whole process useless. But for what?
This is not a problem for Apple: It is a problem for the credit card industry. The account is right, the payment is right, end of the story. If you claim that someone used your credit card to buy things it is a problem between you and your bank, not between you and Apple!
Please note that when you are buying like crazy with “your” new account Apple doesn’t bill directly to the credit card every time you add an item: It bills in batches of around (below) USD50. This is another detail that shows how cunning they are!
You buy, buy, and buy. And every time your reach 40-something dollars Apple invoices the card. If it pass, you can keep buying. If not, it stops you from buying more.
This achieves two things: One, it limits the damage to Apple as they only can get hooked for, at most, USD50.
Two, makes the whole system safer for them, as purchases under USD50 are not protected in the States law.
And it is funny that if that last transaction doesn’t go through, then is when the rage of Apple comes over you for any item you may have already download before the invoicing point was reached.
Apple will put a flag on your account and will not allow you to download updates for any of the apps on “your” account (whatever order they came from) or download the pending episodes of “your” season passes).
In this case, you have no option but to go to Taobao.com and use another procedure.
There are people (the same people) who saves you time by doing in advance the whole process of providing the user, etc. They’ve already “opened” an account and used it to purchase one or two USD50.00 gift certificates. You get one (USD1.4) and use it to cover the debt with Apple so they can let you enjoy peacefully the items you “own”.
The Never Ending Story…
This is the response to an email sent to Apple customer care because of my account deactivation (AGAIN)
Hi YZXYZX,
thank you for your response.
First of all I need to reassume the (unlucky) history of this account
My former account (xxxxxx@xxxxxx.it) had been hacked by some Chinese guy, as you can see following this case report number: 99539128
xyzxyz, a Senior adviser, has been very helpful to solve the issue. I have paid the sums still pending that the hacker had generated and finally they have been reimbursed to me by Apple.
I have changed my previous account to xxxxx@xxxxx.it (with a new and strong password, obviously), deactivated all my PCs and then reactivated them again. I have created the new account using a valid credit card, then I have put as payment method “none” as you suggested and also because of my security (the Chinese hacker had used my credit card to buy apps).
Then I have also received a 25 € Gift certificate from Apple as a gift for my “patience”
:)
Finally a couple of days ago I went to the App Store to buy an App for my newly bought iPad and I introduced the gift certificate code. Well, you can imagine my surprise when the site stated that that code had already been used!!! I had scratched it personally and it was integer.
It was only the beginning of the problem. I soon discovered that, even putting a CC number instead of “none”, I wasn’t able to buy anything because my account has been deactivated!
Coming to your questions:
I cannot provide you with the order number of my most recent purchase or with the name of any item I’ve purchased using this account (xxxxx@xxxxx.it) because I have bought nothing since the moment this account has been created from the hacked one (xxxxxx@xxxxx.it). The same for my credit card last digits, because my payment method had been set to “none”.
You can instead look at the case report #99539128 where I have provided all the requested evidence for the previous account.
My billing address, finally, is always the same:
Mario xxxxxxxxxx xxxxxx
Piazza xxxxxxxx 15
xxxxx xxxxxx
Italy
In the meanwhile I have created a new account linked to a rechargeable CC and bought what I needed…
But let me tell you that I am really surprised by all the problems that your site has showed, both related to security and lack of strong, reliable procedures to assure a safe browsing/buying for your customers plus a baroque mechanism of data authentication/confirmation.
And the problem DOES exist: after writing an email to Steve Jobs I have received a phone call from the States (from Cuppertino if I remember correctly) from a very nice lady who spoke a very good Italian (I could have spoken English but I preferred this way) that was well aware of it and of its severity. And she has given me some good advices and information that I am not going to discuss here.
Hope hearing from you soon
Cordially
Mario xxxxx
Argh! I’ve never used iTunes but downloaded the program anyway because of an ipod i received for Christmas. I went through the necessary steps just to see how the program looks / works. It asked for credit card information but had the option to use paypal. I went with that option thinking it was safer. This was all done a few months ago. This morning I get online to read emails and find 15 emails from iTunes showing several purchases in every order. Next I see 15 emails from paypal letting me know that they paid. $675.64 dollars worth of charges. You better believe I’m going to fight this. I’ve already put in a dispute with paypal and I changed my password. I can’t do anything with itunes account until I get home (I’m at work) since my home computer is the “authorized computer”. My paypal account is connected to my checking account. I’ll also call my bank to see if there’s anything I can do so the charges don’t hit. This is so disappointing. All the charges were back to back. You’d think iTunes would see a pattern. It had to be someone in college because it looks like they purchased all sorts of books. Audio books, I suppose. This is so freaken frustating!
Just happened to me! My Debit card is over drawn over $100, 5 transactions unaccounted for and so far 2 emails from itunes of purchases made! I haven’t used itunes in a year or so!
BTW, it’s a little bit out of topic but I cannot understand the rational of excluding an italian guy with an Italian cerdit card from buying books and movies on iTunes and iBooks.
Yes, it is impossible for now. Maybe(maybe) in the future.
Nice way of using an iPad: crippled!
But I guess the important thing is selling…
I got a call from my credit card company this morning, asking me if I had purchased $50 worth of poker chips on iTunes. I had not. They told me a total in excess of $550 had been charged. They canceled the card and will be sending me a new one. I logged onto my iTunes account, and looked at the previous purchases. Sure enough, a purchases of poker chips for use with the online Texas Hold ’em by Zynga. Got in touch with iTunes store support by chat, and they walked me through changing everything. Obviously it was not theft of the credit card number, but the iTunes account, as no other charges have been made on the credit card.
My account was hacked into yesterday and over £100 of stuff from itunes was downloaded. Spent 10 minutes on the phone only to be told that there was no helpline for such a matter and that I needed to email iTunes/Apple. Still awaiting response. No idea how this person got into my account when only have computers with access. Absolutely livid that Apple make it so difficult, don’t know how I am going to get through the month with £100 quid missing from my account! Account had debit card not credit card. Have removed card, cancelled it and changed login details.
Same here, account was hacked, 7 charges on credit card. Damn Apple! :-(
As soon as I’ve got my account back I’ll set my iTunes accout payment method to “None” and will never buy anything again from iTunes. Stupid
This happened to me as well on the 4th of June. I received two charges for 41 and 49 dollars 2 minutes apart at 8:58am and 9:00am. I don’t have any gift card charges, but it appears to be iPad applications and songs or shows or something. I don’t even own an iPad.
My bank cancelled my card and I filed a fraudulent report against the charges, and I also received Apple’s generic fraudulent charge email listed above. I’m waiting to hear more from my bank/iTunes about the charges.
I’m from the UK and have had my iTunes account hacked on 5th and 6th June, 13 transactions of downloaded Japanese music totalling £225. I have emailed Apple (couldn’t phone as there is at least a 15 minutes wait!) and they replied saying I need to contact my bank. My bank say I need to contact Apple’s fraud department – they seemed surprised when I said they don’t have one! So hoping bank will refund me. My biggest problem is that the I had some credit on my account which has also disappeared, and Apple won’t refund it to me, saying it’s part of their terms and conditions not to refund unauthorised losses. I read the t&c and it says the above, then continues ‘which are not due to the negligence of Apple’. If it’s not Apple’s negligence, who’s is it?!
Also an interesting article at the link below:
http://www.timesonline.co.uk/tol/money/article7126884.ece
I connected my IPod to my computer to copy a CD in. While on, my account was hacked and $130.00 + worth of apps and games were downloaded.
Apple’s response? It’s MY fault because (according them) my virus protection wasn’t up to date. How they know this, I have no idea.
Glad to see I’m not alone.
Well, it doesn’t matter that you change your password, Apple will tell you that this will never happen again but guess what… IT DOES! And it has happened to me TWICE!!! Two different iTunes accounts, two different bank accounts, whatever they’re using to secure their customer’s account information is obviously not working. At this point I am so frustrated, the charges that were posted on my account were for iPad applications and I don’t even own an iPad -now I think that I don’t even want to! Now I have to deal again with all the paper work, phone calls and wasted time this represents TO ME, because of course, they’re not responsible for my stolen money. Starting to hate my previously-loved-amazing iPhone.
“I also tried to play some older protected/DRM’d music and it still plays (so I’m guessing if someone hijacked something they didn’t deauthorize my computers).”
Deauthorizing all computers will not prevent already authorized computers from playing purchases.
iTunes does not check every time with iTunes store to see if the computer is authorized. It will prevent purchases and downloads (such as free songs/apps or updates).
Purchases which already play will continue to play.
I’ve just been hacked for 100+ dollars. I suspect that the hackers are not after apps at all, but rather making royalties off apps they force you to buy!!!! the irony of the whole thing is that apple could quite easily find out who is doing this but of course they won’t. they are making money to by sticking it to consumers and CC companies. Its a weekend but so far apple has given me the same old BS lines. If anyone has any ideas for fighting apple on this i’d love to hear them. APPLE IS COMPLETELY RESPONSIBLE FOR ALL OF THIS!!!!
Yes, mine was hacked too in May. ITunes says the person was from China, there is a surprise. My credit card company said iTunes has has a major hack job done on it.
this same thing happened to me. the thing is, I haven’t had itunes installed in like 4 months nor have I ever bought anything on it. I only used to it try to see if an app would work and it was free my card has a dispute process but I have to wait 3 days, then a letter gets sent, that gets faxed back and then up to 10 days to research it
Well, repeating what Matador explains in his post, there is no need to find out exoteric explanations for the hacking: once an “informed” chinese guy needs an App he can connect to http://www.taobao.com, open a chat with “Mr X”, prepare a cheap contribute and wait.
“Mr X” has already a list of possible “sleeping” accounts of which he can take control when needed (and here comes Apple’s security flaw), he choses one of those and, after the “customer” has checked out that it works (by accessing the newly – chinese transformed – account) Mr X receives the money and the “customer” can start buying apps etc.etc.
This hacked account would eventually stay opened enough time to be shared with many other “customers”, multiplying both the damage (for the real owner of the account) and the gain for Mr X…
this does not exclude that a similar mechanism could be eventually cretaed elsewhere, let’ say using
a Russian website.
Just watch out the language of the transformed account…
The cherry on the cake: the gift card Apple sent me to sweeten the sour of the hacking had already been…hacked!
I bet they also have problems with the algorythm that generates the sequences on the gift cards.
Unbelievable….
Same problem here in the UK. 13 purchases on my account today totalling £447.25. Both bank and itunes say it is the others responsibility to initiate an investigation and sort any refund. My bank said this was the 10th reported case of compromised itunes account in the last week!!
I’m another victim. over $200 in fraudulent charges. I’m on hold now with support from Apple, Automated message says “Unusually high call volume.” Hmmm… there are many more.
“Honni soit qui mal y pense”, but a post referring to this problem (an entire discussion, actually, referring to this blog) has been cancelled on Aplle’s discussion forum.
I don’t think that hiding the dust under the carpet can help.
More than a year later and many of us are experiencing the same issue. I spent many hours this week resolving ~400 worth of unauthorized purchases. Its a shame that APPLE doesn’t do the right thing and fix their security problem. The only solution i’ve found is to remove credit card info after making purchases. It sucks and it defeats the ease of buying from device…but it’ll save hours of headaches dealing with credit card and apple support.
Same thing for me. $400.00 in less than a few hours. In the middle to the night. I’m done with itunes. You can get the same songs/better price from Amazon and they have what’s called a “CUSTOMER SERVICE DEPARTMENT”.
Right after purchasing an iPhone in NYC 6/24, within three hours over $100 was charged to my iTunes account for four receipts showing albums and single song purchases (hip-hop stuff). I had to do the usual time-consuming and aggravating nonsense of notifying my credit card company, writing emails to iTunes, changing passwords, etc. I am still fuming especiallly as I read these posts and see the lack of security in iTunes. Since the receipts have numbers, can’t the perpetrators be traced?
I thought that the breach had occurred when I purchased my iPhone. Now I am not so sure, I had posted a question about hacking in the iPhone section of the discussion forum. There have been no responses. I am glad to have found this page but despondent over the futile attempts to remedy the situation.
Same thing happened to me last weekend. I actually thought that I must have lost my IPOD because I was confused how someone could access my account. (I didn’t) So there ended up being 5 different purchases over $170.00 in two days. ITunes basically just tells you to fill out the forms….still haven’t recieved an email back. I have canceled my credit card, and am really close to cancelling my Itunes account. One of my friends said if you have an i-tunes account don’t like your credit card to it..just buy gift cards for yourself and it will give you that credit so you can buy stuff. It’s an idea…but I’m really UNHAPPY with Itunes.
Just happened to me. Got to $200 before I fixed my paypal account so that it would not accept iTUNES. Crooks…Paypal is clearly in on the fix since NEITHER IS WILLING TO CLEAN UP THE MESS.
Apparently someone hacked into my account or there is a computer glitch on Apple’s end because HUNDREDS of dollars worth of music, movies, apps, and shows were purchased using my account. I did NOT make these purchases.
I have cancelled that credit card because of iTunes. If they will examine my past purchase habits, they will see that those purchases are highly uncharacteristic of my iTunes spending behavior. My credit card company called me to inform me of the questionble purchases. Why doesn’t Apple to do the same?
I have been a loyal Apple/Mac user since the mid 1980’s and am discouraged and angered by this lack of security. Apple should be embarrassed and exposed.
This scam keeps going on and on. This morning, I got an email from iTunes reporting on my latest purchases. This was an immediate red flag, since I hadn’t bought any apps in weeks. I looked at the email, and it was $47 worth of apps I would never be interested in (including one in Chinese characters–surprise, surprise!). I immediately contacted my credit card company and cancelled the card. I changed the password on iTunes, but now I can’t update any of my existing iPhone apps until I pay the “pending charges.”
I Googled “iTunes account hacked,” and got page after page of similar horror stories. The general public sees only fluff stories in the news media about how wonderful the iPad and iPhone 4 is, but Apple is flying under the radar about this.
I’m another victim! Just received an email receipt of a £20 plus purchase for apps that I did not place. When I logged on to my account, I found further 10 lots of over £20 purchases (totalling more than £200).
Now, I’m just wasting my time on a phone call to my credit card company and had just sent an email to Itunes (but am not hopeful of a quick resolution).
I will never, ever buy on Itunes again!!
Quick update: My credit card company sent me a new card overnight via UPS. Now that’s what customer service should be!
STILL NO WORD FROM APPLE, despite their email promising a “response within 24 hours.” When my contract is up, I’m dumping the iPhone. Never again will I recommend an Apple product to anyone.
This happened to me and I want to know how they did it, how they got access to my account? What other information they know about me. I used an impossible to guess password, so they must have inside access to Apples’ network or have sometype of key reader on all of our computers. I run anti-virus and malware blocking software.
Apple maintains log files on IP addresses, serial numbers, etc of the computers/devices accessing and downloading these files. They log all successful login, failed attempts and any account changes. I want to file a class-action lawsuit against Apple to get access to this information and have them address the issue publicly, get the FBI involved, and tell us the truth about whats happening. Tell us how our accounts were compromised and by whom.
Does anyone want to join me in my class-action lawsuit? There are enough people on this list to start and I’m sure there are many others out there.
Dave, I would…but I don’t live in the USA, I live in a country where the most importand and diffused newspaper every day publishes what you could euphemistically call “technical articles”, sponsorizing Apple…
Anyway I have filed an IC complaint, wrote to the FBI CyberCrime Division, wrote to UK and US newspapers an IT periodics.
What I cannot stand is this deafening silence from Apple…
This JUST happened to me, but it seems like they ordered about $48 in iPhone apps. I found out when I got an email receipt from iTunes with all the apps listed…one which was in Chinese characters (as a previous poster listed). Unfortunately this happened while I am on vacation! I was however able to change my password and check the order number online, BUT the order didn’t seem to exist in their system… although it surely appeared in my pending transations in my bank account! I have to wait until Tuesday (Monday was a holiday) to get a new card and file a claim on the transactions. (new car due to below…)
BUT the day after I saw the iTunes charges, I logged into my bank account and there were EVEN MORE crazy charges that I did not do. The hacker ordered a bunch of make-money-quick things, and gamefly and netflix and other odd vendors… I quickly canceled my card! WTF? So I am thinking the hacker was able to access my account number, address, email AND phone number to place these orders. I am guessing they got it from my iTunes account since the iTunes was the first fraudulent transaction.
Moral of the story: NEVER link your card number to anything. I had my card number saved to my iTunes account.
A sudden burst in the last few days of articles/blogs referring to iTunes having been hacked…
Everyone seems surprised.
Let’s see what happens next. Probably nothing.
Why haven’t you people heard yet about these scams i was warned about them by reading the itunes terms and agreement document that states that itunes is not responsible for any theft regarding online transactions heh thats why i ALWAYS USE ITUNES GIFTCARDS there secure and less vulnerable to such attacks because they have a set amount of money and hackers could care less about giftcards they just want your account so they can debit what they want on your money instead of theirs and the real kicker is i read that these hackers are 1) Hacking accounts to buy gift cards to sell via blackmarket or other like ebay or 2) they are buying songs and videos so they can convert them to a easy format like mp3 and wmv so they can sell the material via compact disk to people or put them on peer2peer sites for downloading purposes it’s crazzy!
My AppleIeID / iTunes account was hijacked in June of 2009 after having used my Apple ID to log into the Apple Developers Connection website. Within a few hours someone locked me out of my iTunes account & purchased two $50.00 gift cards. I documented the issue & aftermath on my blog in two posts.
http://go2jo.us/c7pJOZ
http://go2jo.us/b1twSJ
Apple has to do something now. Maybe? The media smells blood in the water. Yeah … I’m not counting on it either.
Byron, for what I know in this case the most important and lucrative activity is selling the access to a modified (once hacked) iTunes account to a number of people ranging from 1 to n, at different prices, allowing them to download everything they want while the legitimate owner is cut-off(Matador’s posts).
And yes, no one should ever link his credit (or debit) card to any online account. BUT, why does Apple pretend a credit card number to open a iTunes account? You can always chose as payment method “none”, in a second time. But someone can forget to do it or can be unaware of this security flaw.
I too have been a victim of this hacking – lost £ 165/- from my credit card – have already informed the CC company but not sure if I will get my money back. Complained to Apple, stopped my account with iTunes, removed the CC details, changed the password but I doubt if Apple will admit that the fault is at their end. Got the standard responses from Apple explaining how their system uses encrypted methods, etc and that it cant be something at their end but they could not explain how someone could have hacked the account and hence the problem is mine and not theirs. Would be nice if somehow Apple was made responsible for all of this. They seem to take it for granted that because they are such a huge company , they can get away with anything.
Reading the post from Joe Streno (veeeery interesting) a question finally arises: how did they hack into iTunes?
Some guessing: it is not a continuos thing, Aplle would have stopped it. Maybe it happened a while ago and its proportions were epic…and the hackers are still living on that (unknown/denied?) episode, selling and trading entire customers’ lists.
What’s your impression?
I was also hacked over the 4th of July weekend and taken for $200 or so before I changed my password.
I am aware that this possibility exists with any online transaction but I have been thoroughly upset by Apple’s lackadaisical response. Clayton Morris from FOX claims that “only 400” accounts were hacked but it seems that this has been going on for over 2 years now. Only 400 accounts every weekend doesn’t seem like alot unless it’s your account.
Another frustrating thing is that Apple has disabled my account and seems to be in no rush to re-enable it. I have gone elsewhere for digital content but unfortunately there is no other place to get apps (unless I jailbreak and steal them! or buy Cydia/ROCK apps!).
Very Frustrated!
I have the same problem. I was charged over $100 for apps on itunes that I was not aware of, until I saw my receipts and my bank statement.
I called the apple support, and they were no help. Told me to wait for the email response in two days! I contacted my bank, and they said, if it was from an account from itunes. Then the fault lies with them. The itunes might have compromised my account info.
Super Frustrated Right Now! Can anybody help me with this?
This has just happened to me.
I have had £40GBP spent on music and TV from my itunes account. I sent Apple a support request email requesting a charge reversal but they have told me that I need to speak to my bank.
There is NO chance that anyone could of acquired my password through my own fault. I am very particular about which computers I log into and the level of security I use in my passwords.
I am extremely dissapointed in Apple and will be closing my iTunes account once this has been resolved. I will also be disposing of my iPod and replacing it with a good Android phone.
After reading about the number of other people with the same issue I shall be informing my customers about this and I will advise them that unless they need an account (ie for iPhones) that they should distance themselves from the service as best as they can.
Yep! I haven’t used the itunes store in over 3 months and all of a sudden I see receipts in my email. Upon realizing that the only way I was going to be able to make Apple aware of this was in 48 hours by email, I just called my bank and canceled my card. (10 days for a new one) Someone charged all kinds of apps and stuff for the ipad – each receipt was for around $48 and their were dozens of them over the course of 2 days. My itunes account says “charges pending” so I can’t change any information on my account or take down my credit card info, just change my password. Shocked that there’s not even a number you can call to speak with Apple about this.
Related experience…..bought an iPad on July 2 at Apple Store; activating the iPad required me to create an iTunes account and enter a credit card. Also had to create AT&T 3g account, so all three had the same credit card number (never used elsewhere). On July 9, someone used my card at a baseball hat website.
Since this has to be the fault of the Apple store (owned by Apple) or the iTunes website (owned by Apple) or AT&T (chosen by Apple), I don’t think I will be doing business with Apple any more.
I had the same experience over the past two days. A series of apps and videos have been charged to my account.
I wonder about what the original post suggested–how does it make sense? What is someone doing with presumably DRM-protected media?
A brief update on my experience. It took Apple three days to respond to say they wouldn’t do anything about it.
What’s more, it appears that the person who gained access to my account deauthorized my computers in order to be able to play what he downloaded on my account. I assume using the feature that allows a user to deauthorize all connected machines.
OK. This has happened to me overnight, about £220-worth of downloads in 7 separate transactions. My iTunes account is linked to my debit car. I have spoken to my bank, who will chargeback the payments so Apple won’t get the money. I did try iTunes first of all but, as everyone else has found, they have absolutely no interest whatsoever – you can’t even speak to someone about the fraud.
Obviously not everybody gets their money back from their bank or CC provider, so Apple keeps the profits from this scam, which is the simple explanation for why they do nothing about it – given the number of posts on this thread, the amount of profit is presumably colossal.
The explanation from Matador above seems about right – I had some stuff purchased which was described in Chinese characters so I guess my details were stolen from somewhere and sold on taobao.
One thing I did notice – in Matador’s explanation, the example he used was a Yahoo email account. My email account linked to iTunes is Yahoo (not any more!). Is everyone else’s? Is this a Yahoo problem rather than iTunes? Just a thought, it only needs one person to pipe up and say they use a non-Yahoo account to scotch that idea.
Apple did tell me that they would release information about who bought the unauthorised purchases if I report the matter to the police. I guess no-one bothers, as the amounts involved are relatively small individually (in the vast majority of cases) and as the offender is probably in China, nothing will be done. I am however going to waste an hour of my time later today with our local constabulary just to make Apple do something (at the very least some lazy arse at Apple will have to respond to the police instead of sitting around eating donuts and laughing at their customers all day, which I imagine to be the case).
I will only be using itunes gift cards for purchases from now on, although as with many other posters above, I will be using amazon.com (or play.com, emusic.com or anyone else at all rather than itunes) for purchases where possible. Only when itunes revenue plummets because everyone uses other sources, will they take any notice.
Just happened to me last night. Two $50 gift certificates and all Apple iTunes support can do is “email response within 48 hours.” I was told by my bank this morning that I can file a dispute on my unauthorized debit card purchases and the money will be returned to my account “within 10 days.” I changed my password within 2 minutes of getting the emails from iTunes that I made these purchases, but the email receipts came FOUR HOURS after they were bought. Good luck with everyone staying safe on iTunes. I hate that I have to keep a credit card on file but in order to avoid having to get out my wallet to download FREE apps or update FREE apps, that’s what we have to do.
Deadpig, mine wasn’t a Yahoo account, it was something like xxxxx@mclink.it
BTW, reading tons of posts on the Internet about this problem I realized that an intense outburst of hacked accounts (among the others) started in October 2009.
Well, my CC company called me just that October telling that, due to a possible “compromission” of my CC they had to suspend that card and to issue a new one.
Without telling me the source of this possible compromission but with a lot of apologies.
I tried many times to know which was the merchant responsible for that (obviously I did not want to recurr into the same problem) but they always denied to tell his name because of the ongoing investigation and unspecified “legal problems”.
Now I have a suspect…
This happened to me today. There were 2 pending charges of $50 each in my bank account as my debit card is linked to my itunes account. Tried to call apple, they said that I had to go to support section of apple webpage to send an email, they would answer me in 48 hours. So not much help from them. I had to cancel my debit card and dispute the charges but I have to wait 10 days also.
Interestingly enough, they were listed as gift certificates for my name minus the first letter and my password minus the first letter. I am changing passwords immediately. I am glad that I caught this right away so it didn’t get worse.
Count me in too for having an iTunes account hacked today.
I contacted the bank, PayPal, and sent the iTunes customer service e-mails, even calling iTunes (which didn’t get me a thing). All-in-all, we’re done in for $160.
As I was removing our payment information, the hackers were actually using my account to buy another $40 worth of apps, which didn’t go through because I had disabled the PayPal link.
This is BS. I should have disabled iTunes months ago.
Im a cop and I as well started to get emails showing that money was being taken out of my account for things that were bought on itunes $209.00 dollors worth. I ended up doing a police report and the bank took care of it but now itunes will not let me update becouse the card on file I had cancled. They are saying they need for me to update my acct due to the this that were not paid for. There meaning the thing that did not get paid for before I killed the card. Now I’m afraid if i put a new card on file they will charge. I there is no number to talk to someone so I’m not happy with them at all.
Same problems for NZ account holder. Around $250 of Apps and music charge.
Interestingly hijacking happened a few weeks after redeeming a gift card (free music download). Is this a pattern common to other people with hacked accounts? Did you redeem or purchase a gift-type card just prior to your account being hijacked?
I had something similar happen to me as well – got charged for $119.99 twice – the first one went through and the next was blocked by my card company and they alerted me – I am disputing it and the card company is investigating; but in the meantime, iTunes have disabled my account! I had a similar hacking experience two years ago and the hacker was from China – compromised my Paypal account; to this day Paypal has not acknowledged the fact that they are vulnerable; I do not do business with them any more.
Sunil
I have all of you beat…they purchased over $50 worth of Norah Jones music on my account in 3 different transactions. My account was linked to my Paypal account, which of course does not have any money in it so it debited from my checking account. It has not hit my bank yet, but I will dispute it as soon as it does. I have also disputed it with Paypal, not much hope there. This is just crazy and I will cancel my itunes account, I will just go back to buying CD’s!!!
It just happened to me on 7/27/10. I haven’t used iTunes in ages! My paypal account was linked. I contacted PayPal and iTunes.
We were hacked yesterday, someone bought $300 worth of stuff from itunes and it came out of our paypal account, it showed up in my fiancee’s email as reciepts from paypal.
Add me to the list…
Woke up today to see 5 separate charges from iTunes which was linked to my PayPal account. The weird thing is is that I have not purchased anything through iTunes since 2006. Luckily, I was able to stop the charges before they hit my bank so I am not out of pocket any money. I will just have to deal with disputing the charges with PayPal. Im just confused where the comprised occurred – iTunes, PayPay, or both? If it was comprised at PayPay why go thru iTunes to make purchases…if I was a criminal I would aim higher. If it was comprised thru iTunes why wait 4 years to start using it? It all seems fishy and just doesnt add up.
@KN – my hack order included Nora Jones too… Maybe a useful pattern for the iTunes investigation to pursue?
I have now successfully had the unauthorised purchases refunded.
No acknowledgment or reassurance from iTunes regarding the potential security breach.
This is what I have proposed that iTunes should do to protect its customers. (Feel free to copy-and-paste to your own correspondence with iTunes Store.)
I’m seeking reassurances from iTunes Store, that:
-iTunes will (or has) investigated reports of account access details being disclosed and onsold.
-iTunes will audit iTunes account security policies and procedures.
-iTunes will not automatically store credit card numbers when a person creates a new iTunes account.
-iTunes will contact all iTunes customers advising them that, in light of potential security issues, iTunes has cleared all stored credit card details; and recommends that users change their passwords.
Got charged 40 dollars twice for a bunch of cheap kid games. Had an automatic authorization through paypal. Now I have to wait until the charges clear my bank to dispute.
This happened to me too today. I received 8 emails from itunes and 8 emails from paypal. I called apple and asked to speak to someone about his matter ASAP. I was told that there is not a number and they are not authorized to look up account information. I was told to dispute it online. I’m still looking for the dispute link. This is really inexcusable! There should be a proper customer service person that can assist with this type of issue. I have contacted my bank and canceled my card and removed my payment information from paypal. Thankfully, my bank is helping me with this problem.
My Iphone is also my alarm clock. In the early morning hours of July 28th around 3 am, I was awakened by the “new email” beep that the phone makes. Strange I thought, who is emailing me at this hour. I grab the phone and open the email and there staring me in the face is a $50 receipt for an Itunes gift card! I jump out of bed and go to the itunes purchase record which took a couple of minutes and sure enough, there was the purchase along with the authorization code to cash in the $50. When I tried to cash the certificate I was informed that it had already been cashed in! I immediatly removed my credit card info from the itunes account but as of today my bank account shows that there were two purchases, Itunes still shows only one. I sent an email to Apple but have yet to hear a peep. I am going to my bank first thing Monday morning. After reading this forum I am in grave doubt of ever buying an app or song from apple again, or at least until I know my data is safe. I live alone and NO ONE has access to my account or computer. Apple, are you reading this forum?
YAY! I think I may be the first to get hacked in August! Yesterday someone posted 8 payments of 160$ and one for 2$ from Itunes to my paypal account. Apple has such huge security breach, its unacceptable for this to have gone on this long. Funny thing is, these showed up in my email, they dont show on my purchase hist in itunes, but they do show in paypal. Luckily, only the 2$ charge hit my bank. What a shame :(
I woke up this morning to find out that someone made a bunch of purchases resulting in a $140 charge to my linked Paypal account. I disputing the charges to Paypal and my bank (which told me they cannot do much until the transaction come thru).
I believe the breach is on iTunes (Apple); not Paypal. Apple has a good history of hiding breach issues. I will see thru that my money is refunded or this will be a great class action suit because there are thousands of similar issues according to the folk at Paypal.
I was also just hit with a theft on iTunes — no gift cards, apparently my thief isn’t sophisticated enough for that — but they made 4 grouped transactions totaling $169.78! The kicker is that they bought apps for their IPAD while I’m still here trying to get a job… and it sounds like Apple isn’t going to do much to get the money back to me. I’ve sent reports to every single one of the purchases and a general one on the iTunes support website, along with 4 PayPal disputes, but, *sigh* it looks like my chances are slim.
Guess you can count me in as well. Over a three day period someone from China purchased apps in Chinese in the total amount of 242.43. After hours on the phone I ended up at the bank signing an affidavit that these were not mine and had to pay a $25.00 fee. I believe Apple should gift me the difference but we shall see. I do think there should be a class action should be considered. I am an apple user I have three I pods, an iPod touch and an iPad. As a loyal consumer I need more proof that these security breeches will be addressed and fixed in order for me to stay loyal to Apple
I got hit yesterday to the tune of $700. They made 16 purchases through my paypal account plus I have a balance due because paypal denied the payment. Most of the charges were for aps and games. I’ve sent a dispute through paypal but haven’t gotten a response. Part was charged to my credit card and the rest to my bank account. My credit card has been canceled. They say I won’t have to pay for the charges. My bank account cannot be closed until all pending transactions have cleared. I have to pay for the downloads then file a dispute. I better get my $480 back.
This seems to have been happening for quite some time. Is Apple doin anything to stop it? I don’t think I’ll be using iTunes again. I’ve heard many people say that Apple has done nothing to help them.
Just received 10 emails at 12:01am for 10 different purchases of “Original Gangstaz, street cred” for $160.49 each. Totaling $1,600. Oh, and 1 purchase of a pit bull song……….
Sounds like it is going to be a good time trying to get this resolved. With all these problems. Someone might want to look into this……
Add me to the list with over $2300 in a few hours (the receipts arrived around 3 AM). The charge was always the exact same amount and for the same thing (points for some game). It was bought on a device so I would think there would be some way to track who did it but apparently not.
worst day ever.
I just got hit in the last hour for $99.83 for three iTunes purchases that went against my PayPal account. The third one hit while I was filing a disupute with PayPal for the first two. I removed my PayPal link in iTunes and called iTunes support. But, it appears that it will be unlikely that any money will be refunded. I can’t believe iTunes does not require a login to PayPal to authorized purchases. Apple is unresponsive. I won’t be doing any more business with them.
Got hit overnight for about $250 in iTunes purchases. 2 of the purchases were for points for a “World War” game and the others were for Grand Theft Auto, Guitar Wars, and a few single songs. I had $215 in my Paypal account which is now gone and the rest was taken from my bank account. I have disputed the charges with Paypal but, from reading the responses above, I am not holding my breath for a refund. When I logged into my iTunes account, I removed my Paypal payment method and changed my password and security questions. I also noticed that 4 machines were authorized for my account. I had to install iTunes on another machine to hit my 5 max so I could unauthorize all of them. Now I have to wait a couple hours before iTunes phone support opens to dispute this with them.
Add me to this list. Luckily, my credit card company is so aware of the situation that their fraud division caught my charges after only three purchases totaling less than $100. The CC rep said this has been a problem for a while, but has exploded over the past few months and many of the bogus charges are coming in from Indonesia. She also stated that Apple is so aware of problem that their refunds to the credit card companies are almost instantaneous, but it is affecting their credit ratings with the cc companies.
I also got the $160.49 exploit tonight…some 25 charges before I hopped onto PayPal and canceled the billing agreement. You’re right, Apple’s system must not be that secure. Because it didn’t happen on my end – I’m virus free. Not even usually an iTunes user…I opened it tonight to play a few songs, didn’t even open the iTunes Store, and next thing you know my inbox is flooded with these iTunes PayPal purchases.
@Keith
The same thing had been charged to me. The $150 honor points for a game called “world War” …i never even heard of that game @.@
But i did like you did and disputed a claim. I also emailed Itunes
I just hope i can get this resolved
Same thing happened to me too. While I was at the fair away from any wifi or anything…. 12 charges totaling 36.82 leaving my iTunes account balance with 60 some odd cents.
OK. GOt a frantic call from my college kid alerting me that the entire “GIFTCARD” balance that was on her ITUNES account had been used by someone other than her. SHe has been hacked. Luckily she has no debit card or paypal but $50 in giftcards that she now doens’t know if she will ever see again. I see alot of theft for CC or paypal but not alot is mentioned in stealing of existing balances that were from existing giftcards. I phoned apple /itunes and they gentlemen with broken english directed me to email them. Oh well…the world can be an evil place sometimes. A new life lesson for my college kid.
It still happening, 13 charges for nearly $700 + 5 more that were blocked becuase I caught it in the middle of the act and changed my paypal password, and then my iTunes password once I noticed all the chareges were iTunes. I haven’t even used my iTunes in 4 years so I don’t know how/when they were able to hack the account. You would think that apple would have a better security system in place since this is continuing to happen to so many people. I am telling everyone that i know.
I also had a gift card balance. Got an email receipt from itunes for three ridiculous applications totaling $12. They occured around 1130 am 9/13/10. I was at work and clearly wouldn’t have had the time or opportunity to be dinking around on itunes. Thank God I didnt save any credit card information. But there are 2 other computers suthorized on my account. Will probably have to delete itunes all together and start over to get rid of those unknown authorizations. And I can forget about my $12 for sure.
Dear,
Today I recevied more than 50 sms from Itunes that a did a purshces for usd 49.99 other 134.92 andlot of other amount, more than maybe 50 transaction today, I did not do it, it is not me, . someone access my account and no one has the account login ID nor Password!!??
I just had my $37 balance of redeemed iTunes cards consumed by about 2 dozen FREE and cost apps – most were iPad/HD apps, and 5 of them had asian-character names for the apps. I reported all of them, but an Apple representative won’t be able to contact me for at least 48 hrs. What I find really appalling is that I work in the IT Security field with over 22 yrs of professional experience, I’ve never been scammed by Phishing e-mails (I check RFC-822 headers for full paths to see where these mails come from), I’m a security nut so my passwords are exceptionally cryptic – upper and lower-case, symbols and numbers. I’ve been a Mac user and iTunes user since the start with my old 5GB iPod, and now on Apple TV and iPhone 3GS. This is the first time i’ve carried a Redeemed Card balance over 20 bucks, as I just added $30 to it yesterday. Thankfully, I had removed my credit card on file, to only redeem cards going forward. I’m a big Apple ‘zealot’ and have been since 1983 – if Apple doesn’t come through with crediting all those iPad purchases for an iPad I don’t have, I will no longer carry an iTunes balance of any kind.
I had a $75 balance on my account, and luckily no credit card. I had been on vacation and came back to see that just two days ago someone has spent all of my balance (except for 5 cents. They are so nice to leave me some of my own money). Most of the purchases are apps (both free and cost apps) and like Neil, a lot of them have Chinese character names for the apps and are ipad/HD apps. I have reported all of the purchases and have even sent e-mails about all of them, as well as one about deauthorizing my computers for me (as there are 3 authorized and I only authorized 2). None of my information was changed, they just used my money. I have changed my password, account id, and secret question, though my password was secure as it was a mix of upper and lowercase and included a number. Nor have I ever fallen for a phishing e-mail. At this point in time, I do not even have a working ipod at the moment, and if I did, it would only be a shuffle, which I have owned for the past five years. I have asked for a refund of my money, but doubt I will get it. It’s nice to know that I’m not the only one this is happening to, but I hope we can all get this resolved. :(
How eerie that my problem is exactly the same as Neil’s and Kizna’s. Balance wiped out except for pennies. Finding 3 machines authorized except for the 2 that I know I did. Same type of apps purchased by the hacker. I had thought that I had been targeted with a rootkit or keylogger of some kind, but realize now that the problem lies in the safety of the iTunes data infrastructure.
The only thing that’s different about my issue is the fact that I once had a credit card associated with my account, and I see now that the card info is gone.
I’m surprised that the hackers did not change my password and I was still able to access my iTunes account. As soon as I saw the receipt for the apps that were purchased with my store credits, I changed my password. Hopefully iTunes encrypts passwords going forward or the same thing will happen again.
I did report this issue to iTunes and they did credit me back the store credits that were stolen.
I have also requested that I be allowed to “Deauthorize All” again. I did that a month or so ago when I found 5 machines authorized and needed to authorize a new PC I had gotten. I never thought about the possibility of someone hacking my account and authorizing more machines. At any rate, the Apple policy is that you can only deauthorize all only once per year. That, to me, is totally ridiculous.
Just happened to me over the weekend. Someone charged the full balance of my account (thank GOD i didn’t have a cc attached for purchases) and wiped out my GC balance on iTunes.
Contacted support and they are refunding. There WAS a new AUTHORIZED computer on the account. That is a little disconcerting to say the least.
I’m not really sure what to think now. I use very, very complex passwords for everything. Is there an app that is taking passwords from our iDevices?
It happened to me on 09/28/2010, I don’t have a credit card on file, but I purchase gift cards for myself as an allowance like thing. And I’m finding out about it now. Usually if I make a purchase I get an email from itunes as a receipt, I did not get an email, my login said I have $36.25, but when I checked my account it said I had 0.22 cents. The purchase history said my most recent purchase was 09/28/2010 a bunch of techno music was purchased and thats not me at all, I have a southern heavy metal taste in music so its an extremely unusual purchase for me, I sent an email to itunes, told them everyting purchased on 09/28/2010 was not me, my account has been compromised. The creepy thing is: no extra computers have been authorized and I can’t find the purchased AAC versions anywhere on my computer. I have an aggresive antivirus and spyware program. The only thing I can think of is they launched a trojan horse on my computer, so that way they can download songs from my account to their computer. I’m freaked out! What else can they get into? Being a blue collar working man I don’t have a lot of money, no credit cards, lots of student loans, I work hard for my money. Only to have some foreign kid steal it for cheesy techno music. Notings fair in this world.
Please if your in a similar situation, please tell me what happened with you!
Someone got on my account and spent $41 dollars, thank god no credit card info. I too the last three posts had someone bought an asian app called Tappi Bear All in 1. they also bought an Tom Tom usa GPS app, I cant use it, i have an iPod touch! I sent a report in so hopefully it gets resolved.
SAME thing happened to me. Got an email receipt saying my gift card-purchased account balance of 35 somethin dollars was drained on two sports apps and a few other games. No credit card on file, and I’m not sure but I think I might have had one on file originally, luckily it would’ve been my old and disabled card anyways. Changed ALL of my passwords as I was thinking about it anyways, hopefully they weren’t able to get into much in the 24 hours since it happened; I haven’t seen any other evidence of tampering. WTF APPLE. Sent Report Problems for all 6 items and will definitely go through a bit of trouble to get that $35 back! Will post back here with results, please other people do the same!
What and how do I contact Itunes??? My son got all his money spent with Apps and now has a 0 balances. What do I do?
hi. i had the same problem. i had 200 dollars on my account! and the next day i had 4 cents left and i got an email saying i made alot of unauthorized purchases. a couple games.. 1 that was 100 dollars 1 that was 30 and alot of free games and many 1-20 dollars games and music. itunes doesnt help at all.
Yea me too I had 41 dollars worth of gift cards in itunes luckily i didnt have a credit card number but somone purchased 41 dollars worth of iPad apps. I dont even own an IPAD! I reported it to itunes but i doubt they care to refund me my money.
This just happened to me. I got up this morning and had receipts in my inbox for a $50 itunes giftcard. Luckily I don’t have to cancel a credit card. I just took PayPal off my payment list and I will do that after every purchase if I have to. I wish I could leave Paypal on there and just re-enter the password each time but apparently that’s not an option.
I’ve filed the dispute with Paypal and with iTunes. Hopefully it will be okay.
I’m not sure how someone would have hacked in because nobody has access to my home computer and phone, and my work password is not an easy one. I’m going to deauthorize it anyway and check my computers for keyloggers.
I just had over £15 pounds from my account spent on apps with chinese characters in the title. I don’t even have an Iphone or anyting to use apps on. I am deeply distressed and concerned!
Similar story here. I had all but pence of my giftcard credit removed. Hacker didn’t change my password, but I guess that because I don’t have credit card linked to my account there was no point once he’d (or she’d) drained my account.
What I’d like to know is how they get passwords?
Mine is very secure password only used on my itunes account. Keylogging is out of the question with my set up.
Matador’s posts were very helpful in understanding how this fraud works, but still doesn’t indicate where password loophole arises. Even if it is an apple security lapse, it’s hard to understand why it continues over such an extended time frame.
There seems to be a major problem here reading all these accounts of theft, what is Apple doing about it? I have just had $150 taken from my iTunes account, also for Chinese purchases. Clearly there seems to be a problem at Apple, I think it’s time to go to the media about this
I got hit with dozens of purchases (songs, movies, tv series) totaling more than $1600. I really don’t think my account got hacked. I believe it’s something going on with iTunes. I went to check for downloads from a couple seasons I previously paid for and I got several error messages, then all of a sudden, gigs and gigs of downloads appeared. Apple is making a ton of money off of people with these so-called “hacked” purchases. I hope my bank gets this cleared up. iTunes has lost my business forever.
I can’t believe this. My son had a $50 credit (from a gift card that he rec’d for xmas) and it has all but disappeared except for about .43 cents.
I tried to contact itunes, but only get computer recordings that refuse to put me through to a real person – this is really frustrating. Has anyone had any success at dealing with itunes? I am so pissed off that I am considering closing my own itunes account – and I am a good customer. It surprises me that these issues have been going on for so long and that nobody has taken this seriously.
got an email yesterday saying my password had been
updated.. when I got to my itunes it let me in, so I thought it was
a spam email… this morning I woke up to find an email saying my
credit card and shipping info had been changed. After that email I
received 2 emails from itunes with a receipt# for gift cards in the
amount of $50. I tried to cancel everything, but it wasn’t even my
credit card they were charging stuff on! they had put someone
else’s credit card # in and left my name and phon #. first address
was changed to Bronson, OH and the second one is Fruitvale, CO.
received another notice about my credit card and shipping being
changed again to the Fruitvale, CO address and I have now changed
my password and taken cc info off. Should I contact my local
authorities? I don’t want to get a phone call about me using
someone’s credit cards!
wtf someone just placed 19 orders of 50$!!!!!!!!!!!!this is fucking major issue…stupid apple store!!!!!!!
Hmm. Recycled posts from your (albeit, well done) blog, but without dates showing on them here in FB land…
I know, I took out the “Posted a new blog” but didn’t know what to put…
“Gary’s reposting one of his most popular posts ever”?
Hmm. Similar issue here – bit of a catch 22 situation as to what to do. 2 x £25 charges for gift cards turned up. I emailed itunes, changed my password and took out my debit card information. Then thought…if I cancel my card with the bank before the charges hit the account, they’ll sit on my itunes account and they probably will refuse to credit them unless I pay for them. If at that point I put my card details in and pay for them, the bank will probably say that I’ve authorised the transaction. So, is it best to leave my card live, let the charges hit the account and then get the bank to refund – as I anticipate itunes will respond via email to this end.
What’s the risk that they have my debit card details? Well, the itunes account greys out all but the last 4 digits and the expiry date. What would I do if another trader who had my CC details on their system but only detailed the last 4 digits on the account pages, then showed a fraudulent order that didn’t require inputting of my CC details?? I’d contact them to cancel the order but would I dash off and cancel the card too?
Personally, I think I’d rather have the charges hit my charge card then a gift card, I’ll never see that gift card money again. But I know the bank will protect my charge card for me. But if you put the charge card on, that’d be tricky.
I don’t think the bad guys have our card information or they’d be buying other “stuff” than music that would be easier to download, then the mess with our accounts.
Just my 2 cents… (if that phrase means the same in the UK)
Add me to the list.
Logged into my email account at 8am this morning to a Itunes Receipt stating that at 2am this morning I did a monthly gift to Lee of £25 whoever they are. Fortunately they haven’t changed my email or password so i was able to get into my account. I used my debit card in Itunes so the charge hasn’t yet hit my bank account but I’ve contacted my bank Natwest who have cancelled my card (hopefully it might bounce the charge back to ITunes by doing this). Natwest have said I need to get a name from Itunes via email before I they can open up a fraud investigation. I have emailed Itunes and have yet to receive any email, though reading previous victims here I’m not holding my breath for any resolution from Apple. Feel sickened by this. No other charges have been made to my account so far and my password was a secure one so It seems pretty clear that Apple databases have been compromised. Apple have lost my custom, I dont trust them.
Me too.
Also found I had sent a £25 monthly gift to Lee. Got the automated response from Apple, but Lloyds fraud department seem to be on the case.
So yeah. To add to the list me too! 3 gift cards for 50 bucks each. Apple feeds me the same BS, totally not the credit card or banks fault. This one is 100% on Apple and the iTunes store… Someone at apple needs to take some action.
I’ve had £22 in my itunes account since xmas (nice £25 gift card) and last night I came to buy something and saw I only had £0.75p left. I’ve not spent it, not one else uses my ipod. looking at the purchase history theres some chinese writing and lots of songs bought. I never NEVER buy music only apps and games. now I daren’t buy a new itunes card because I’m scared the money will be drained instantly.
***Just as a clarification, all things I post here are my own opinion, and should not be considered fact. If I were to say these things were fact, I would be held legally responsible to prove all of them, else potentially face charges of slander/libel. That being said, this is how I see things.***
I didn’t read all of these replies, but I have a suggestion that may have not been thought of.
The person(s) buying these giftcards are app publishers (or work with app publishers). It would too easily point back to them if they hacked people’s accounts and downloaded thier own products. On the other hand, if they purchase giftcards and Apple just leaves it up to your cc company to sort out, those giftcards are never traced. They can then download multiple copies (delete a copy they just downloaded, then purchase again) of thier own apps and it will all look like legit purchases. The only reason they would download movies and such is to throw you off thier trail.
It makes sense, and it is an ingenious plan. The CC companies will generally get you your money back, often at a loss to themselves. Apple will keep denying responsibility, as they have nothing to lose. These people will remain untracable as long as Apple never steps up. It puts the scammers in a position where they can only win. And as long as Apple keeps up thier practices as they have been, the are essentially a party in credit card fraud (they get a kickback from every app sold).
***Just as a clarification, all things I post here are my own opinion, and should not be considered fact. If I were to say these things were fact, I would be held legally responsible to prove all of them, else potentially face charges of slander/libel. That being said, this is how I see things.***
Roger, your theory seems pretty complicated.
And, in this case, Apple might notice a trend in apps being purchased are all being reported as bought fraudulently.
Many people had this done to them and there were not any apps on their order.
I just had music and videos purchased and one was a season pass, now how was that going to work out?
Very strange…
Maybe this happens everywhere with every service, but there’s just so many iProducts out there it’s easily findable. No reports from the MacApp store yet, and that’s got a lot of higher priced items and they’re not DRMed.
Woke up today to find two charges for $50 Gift cards via my email linked to itunes. Thinking that this might be a phishing email, gmail tells me that it is from apple. To further verify that, i log on to itunes and i find that my username and password is still intact, but my credit card and billing info have been changed to someone in OH. What’s even weirder is that the account purchase history only shows one GC transaction, even though my email tells me that two were purchased. i checked my credit card and it hasn’t been touched… yet. hopefully it stays that way!
i’m thinkin that this might be a database issue with itunes, but with the amount of people here with similar sounding issues sounds more like a hacker.
Ryan, same thing happened to me. It was like in New York, Ceder Lane or something like that? All my account info was changed except for username and password. It wasn’t even charged to my credit card. The giftcards were addressed to my password, like the name on the giftcard was my password. I’m tempted to use the giftcards cause it gave me the code for them.
I just realized after purchasing an ipod touch that my itunes account had been compromised as well. It wouldn’t let me download any free apps to the ipod touch because it said my apple id had been disabled. After doing some research on Itunes (even though I have owned an ipod classic for 6 years, I’ve never used the istore or even looked at my account information) I realize it has really old payment information that may be the reason it was giving me the apple id message. So I update it, it asks me to approve a past due balance of 9.99, I think that is strange, I’ve never bought anything but I say yes – It’s only 9.99, right? And I want to use my ipod touch!! Then I try to figure out what the 9.99 is for – and realize almost a year ago a movie was purchased!! Also, there are about $600.00 in purchases for tv shows (whole seasons as well) that I would have never bought! So the support people call me today and speak to Itunes but they don’t believe that I wouldn’t have known about the purchases before now. They’re not going to do anything about it – told me to dispute it with my bank for the 9.99 but not sure about the other charges. I’m very confused why Apple does not believe that accounts can get hacked like anything else…identities are stolen all the time, so can itunes accounts. The itunes rep that my support rep was talking to didn’t even believe him…she basically blew me off and sent me back to my bank. Thanks apple.
So my wife’s itunes account was hacked a month ago, same deal: two $50 gift certificates, password was referenced in the purchase, and the address as well as the credit card were not hers.
The reason I’m posting this now is because she’s had to do the password reset on the account again, because Apple blocked the account, as though someone was trying to hack it again (multiple failed password attempts not made by her)…
And, perhaps more strangely, when we changed her address after the first hack, to represent our recent move to another state, it was to an address that sounds like what “Alec” just posted! Cedar Brook Lane!
Got the shock I didn’t need the other day checking my email. Itunes invoices to the tune of $465…..I only had a $20 gift card loaded to by angry birds and some other $2 games. CC cancelled and a transaction dispute will be filled with my provider. I was skeptical before I bought the Ipod and I have been proven right. Never liked Apple anyway. Lot of people say it’s the end user but methinks there’s more to it.
lot’s of of loopholes etc, thanks Apple. I’ll spread the good word.
Maybe Apple has woken up to the fact either their database is haywire or there is frequent fraud going on. In the 3rd week of May 2011 I went through a whole rigamarole with purchases being made against my iTunes gift card credit, which they eventually refunded, after disabling my account, etc. The purchases had essentially emptied a $50 credit to near 0. The games in question were downloaded to my PC. I certainly never ordered or purchased them.
They believed me when I said I never purchase Sega games, but called this refund a “one-time” thing–not very reassuring. I’ve increased my security as suggested by iTunes.
My personal suspicions fall on Apple staff. I’m no techie, but I thought someone on the inside could be tapping into the customer database (e.g., for customers like me with a credit) and somehow gaining access to the files they’ve bought using others’ accounts. But maybe I’m offbase and other suggestions above are more realistic. THANKS.
Frank says on:
31 May 2011 at 11:21 pm
So my wife’s itunes account was hacked a month ago, same deal: two $50 gift certificates, password was referenced in the purchase, and the address as well as the credit card were not hers.
The reason I’m posting this now is because she’s had to do the password reset on the account again, because Apple blocked the account, as though someone was trying to hack it again (multiple failed password attempts not made by her)…
And, perhaps more strangely, when we changed her address after the first hack, to represent our recent move to another state, it was to an address that sounds like what “Alec” just posted! Cedar Brook Lane!
Frank,
Same thing happened to me where a $50 GC was purchased with a different credit card number and partial wrong address on my itunes account. My password was also referenced in the purchase, like it was a glitch or the hacker is taunting. The Itunes staff will not trace the credit card used and alert the bank to the fraudulent charges, so someone is getting charged $50. I can’t dispute it with my bank because it isn’t my card. Apple isn’t helpful with this. I’ve since changed all of my login info including email.
LITTLE DIFFERENT SCENARIO***Hoping for some help–I had someone hack my account and charge 36 dollars; however, I had $60 worth of gift card money left to my account. So they used up my gift card money and my bank has no way of helping in this situation. Does anyone have a contact number I could try out with apple? I am assuming that money is long gone and will never be recovered.
I got similar charges two days back. Luckily my bank tracked it and alerted me. They told me to contact the 8667127753 number which point to http://www.apple.com/support/cc and it doesn’t help. I have written to apple through http://www.apple.com/support/itunes/contact.html. I hope they do something about this.
One would think Apple should be able to do something about this. FBI should be able to get to who owns 8667127753. These criminals need to put in jail.
Ryan (published 5/25/2011),
I have exactly the same problem! Do you have any updates? I am afraid of identity theft.
Same problem: my account, different credit card. Haven’t used iTunes or even my Apple ID in years.
I was just hacked mid day. I got email that my password and billing info was changed. But I checked my address is still the same. Then at 3pm they bought some app that’s $14.99 that’s in foreign Asian character. It sucks because I had a $15 in there from my birthday and have not bought anything. I emailed iTunes about it, it’s foolishness. I’m hoping to get my money back. I hope nothing else is hacked
This exact same thing happend to me I had $100 worth of gift card balance and someone purchased a $100 app and I dOnt have it on my Mac or my iPod!! How do I get my mOney back?!
My account got hacked, i need help!
My iTunes account has been hacked on the 24th October to the total amount of $1084.97 after I upgraded my iPhone to iOs 5.0 and joined iCloud.
Someone bought plenty of items for about $59.97 each. Someone who signed themselves from Luxemborg.
I have informed iTunes etc., but what can we do to catch the b*****d.
I’m going to guess in that case, they bought a bunch of their own apps. It’s a good way to launder money. Steal a charge card, buy your own $60 app, get 70% of it sent to you by Apple…
Same here. 2 $50 gift cards for “John” purchased on an American Express credit card (not mine, I don’t have AMEX). My e-mail address is the only thing that belongs to me. The address is jeffrey brust, 7 st. johns st bentonville, AR 72712-4082 USA. Checked my e-mail at work to find this. Can’t change anything on itunes until I get home much later tonight. What a hassle!
I’m having the same problem! 84$ have gone in the morning because someone keeps using it to buy “KingdomConquest-, xxxCP, Seller: SEGA CORPORATION”. Haven’t even heard the heck of this game. Changing the password doesn’t stop them. Now I’m trying to report a problem but iTune can only do it online, no phone service. Hope I can get my refund back.
I just purchased an iphone on Friday. Tried to download the Facebook app (that stated FREE ) right next to it. It would not download until I logged into my apple account. I’ve only used my apple account once YEARS ago when I bought my son a shuffle. So I log in and before I can download the free facebook app, Apple is insisting I update my credit card information. So I get very skeptical about this and go to the apple website from my computer to set up my new password for my account. I then login in with my apple id and new password on my iphone. I get into my acocunt and again it is insisting I update my credit card information. First of all it never made sense why it needed that info for a FREE Facebook app….I just though it was policy or something at this point. I just looked at my banking statement and there is a charge for a movie from itunes! The Hangopver. A movie that I already own on DVD…..So yeah , I will be contacting my bank today and disputing this charge. So I start reading some forums and find out I am not the only one going through this. THis is Bullshit.
Apple does require that you have a valid account. And it needs to be tied to that device. The Apps have DRM (digital rights management) protection so you want to make sure it’s on the account that all your other “stuff” is purchased on or you cannot run it all.
If you have a new device it makes you authenticate they the charge card. On an iDevice, it even makes do this after a (major?) iOS upgrade. This is normal. It might even do it with computer upgrades too, I don’t recall.
What I don’t understand is why would someone fraudulently buy a PROTECTED copy of The Hangover when they could download it easier on-line and probably higher quality unprotected. (I believe you, I’ve repeating this again and again as part of this process). I think it’s a computer accounting problem at Apple.
FYI, this was 2.5 years ago for me, I changed my password and I’ve never had a problem since.
We should all routinely change our passwords, especially those connected to accounts that are tied to our charge cards. That includes the e-mail accounts that those accounts (and charge cards) will send the password to if you forget them.
(Although that doesn’t look as if it helped in Monique’s case above. It appears to have happened right after changing the password)
I’m not exactly sure what just happened with my account. I got an email that a purchase for a $50 gift card had been made on my account yesterday, but was made witha a card number I don’t recognize (not mine). They also changed my city/state but left the rest of my address the same. I’ve contacted Apple, but found the same thing everyone else has, it’s email only and phone support is non-existant. Judging by the other replies here email support is non-existant as well. I have no idea how someone got into my account, but I’ve changed my password, removed any payment info and deauthorized all computers. This is dissapointing to say the least. Thanks Apple.
My card got charged 2 $50 anounts by iTunes, but my iTunes account record does not show those charges. I had bought 2 songs for $0.99 and $1.99. I got an email reciept for these, but was never charged. Strangely the timing of those charges on my CC was coincident with doing an iTunes upgrade.
I managed to get apple on the phone even though they don’t have a phone number for iTunes. I called the main Apple customer service, told them I know you don’t answer iTunes issues on the phone, and managed to get someone sympathetic to my cause who fowarded me to the iphone tech department. They chatted with the iTunes department and tried for nearly an hour to figure it out without success and told be to call the bank. I asked why exactly 2 $50 charges, because I had no idea what they were for and the operator mentioned “probably gift cards” Strange…
I had a very similar thing occur with my account.. $40 dollar gift card bought, a changed name and address which I do not recognize, still my phone number and email. The strangest thing is that the charges were NOT to my credit card, but to a different card which I do not recognize. Maybe even stranger, the 40 dollars has been credited to my account which as far as I know I should only have access to after changing my account info and password. Should I feel safe putting my information and card number back on to my account, and should I use the 40 dollars credited to buy music, or would that be considered stealing from the random act of someone adding 40 dollars to my account? A very strange thing going on with Itunes here.
I was contacted by my cc company a couple of weeks ago about possible fraud. I had purchased a few dollars in games for my kids a few days prior. A few hours after my purchase, someone hacked into my account and spent the remaining $ of a gift card plus another $100(ish). I never received receipts for the unauthorized purchases so I had no idea what was going on. I cancelled the credit card being used. I changed my password. I changed my AppleID. I am still receiving the message “your AppleID has been disabled”. when I tried to access my old email/AppleID, it said the birthdates don’t match. This is weird. I am the only one with that AppleID and now it doesn’t recognize me? Please pardon my technical stupidity, but I am not that stupid! Someone else is getting my information sent to them! What do I do?
This happened to me yesterday at 8:30 am I’m still asleep at this time before going to bed I checked my email to find that 掌上三国 was purchased for 50$ now all I had was 80$ waiting to be spent giftcard wise so now I’m left with 30$ still sent an email not expecting much but I’m very angry.
This happened to me yesterday 7th March from someone in Japan/Chine they downloaded 2 apps and 1 cd using the funds in my itunes account. I did receive an email from iTunes advising that these transactions had taken place and if It wasn’t me to click on report a problem which I did and it only took me to change my password!! I can’t find how to contact apple/itunes to formally make a fraudulent complaint. Does anyone have a phone no or contact email address for me to contact them?
Many thanks
This will be the second time itunes charges have been taken directly from my checking account. I do not have itunes, or any apple product for that matter. I am beginning to think a debit card is a poor choice — too easy for the crooks. The first time about 2 years ago $1200. So far this is for $100, but it may not be over as I just found this a few minutes ago:(
My Itunes acct. was hacked into about 1 years ago. I found $160.00 in fraudulent charges on my account. Of course, I reported this to Itunes, long story short, they did NOTHING.
I reported this to my ATM Master Card and they refunded most of my $$.
If Itunes had any decent competition I would dump them in a New York minute. Their service STINKS big time. Just last night I attempted to download a rental movie and had a very difficult time doing so.
1 pissed-off Itunes customer !