Tuesday, September 7, 2010

Be Aware: Why is Apple so silent about itunes accounts being hacked?

Past July (july 4th/7th) there was an initial alarm on the websphere and social media sites (facebook and twitter mainly) that several itunes accounts have been hacked and we being used by some to buy different apps for the iPhone (mostly linked to a vietnamese developer called Thuat Nguyen).

There was no official announcement from Apple, no patch releases, no advice indicated
Official position goes into "400 iTunes accounts were compromised in this attack. That sounds like a lot, but keep in mind that's out of 150 million registered iTunes users, or around 3 ten-thousandths of a percent"
As the story has developed, the problem has grown far more serious than initially thought – not just that one particular developer and his apps - the Apple App store is filled with App Farms being used to steal.

Furthermore If you go a bit deeper into the investigation you will see that more and more cases have been reported and the seriousness of the cases have been increasing. What I mean by this? Well many itunes accounts are linked to a PayPal account which is linked to a credit card account. 1 + 1 + 1 = 3 you get it? Lots of people has reported this and we are talking about thousands of dollards in fradulental transactions

PayPal response: PayPal has acknowledged the fraudulent charges and is currently reimbursing customers. 

However, the company continues to insist that the security breach is "happening on the iTunes side."
Apple response: "But if your credit card or iTunes password is stolen and used on iTunes, we recommend that you contact your financial institution and inquire about canceling the card and issuing a charge-back for any unauthorized transactions. We also recommend that you change your iTunes account password immediately."

Judge by yourself
Yes people is not careful with their passwords and yes that may be pure password robbery, however the fact that itunes is not addressing the security issue is worrysome and not worth of a company that portraits itself as a customer advocat. There is some obvious security vulnerability that Apple can't or won't address. No other account from other reputable sites has been reporting such issues these days

BTW the case is far from close. Andrea told me yesterday that her account has been hacked. Fortunetly the only money there was from aple gift card (150 USD) so chance to get into PayPal, but be aware. Change your passwords and maybe time to stop buying in itunes with yor credit card until Apple does address the issue
Remember in Apple eyes, YOU ARE GILTY NOT APPLE

Related sources:
Link to thenextweb - sotry on app store hacked itunes
Link to tg daily - story on Apple itunes and the plague of scammers
Link to apple forum on itunes hacked

No comments:

Post a Comment