iTunes Hacked, Linked PayPal Accounts Drained In Ongoing Problem
I've been rather surprised to learn that fraudulent purchases on iTunes accounts have been an ongoing problem for over a year and that some linked PayPal accounts have been drained in the process. This is bad news for Apple, who don't seem to be responding effectively, and even worse news for iTunes users from music sellers to fans.
Scott Hanselman's recent ComputerZen post on iTunes account hacking was the first I'd heard of a problem that began showing up on Apple Support Communities in late 2010 and continues to this day. The Next Web has related accounts involving rogue apps that were revealed as far back as July 2010.
From a TechCrunch post on August 23, 2010:
"Reports are appearing this morning about a major security hole in iTunes accounts linked to PayPal. At least one group of scammers has found a way to charge thousands of dollars to iTunes accounts through PayPal. One targeted customer told us, 'My account was charged over $4700. I called security at PayPal and was told a large number of iTunes store accounts were compromised.' His email was filled with nearly 50 receipts from PayPal for $99.99 each."
The primary ongoing problem has involved iTunes accounts being drained of funds deposited via gift cards or accessible via PayPal by fraudulent purchases. Credit card data does not seem to be affected to date but account data is often changed leading to problems with the account. A search on Google for itunes accounts hacked shows this issue has been raised in the tech press on an ongoing basis, but is yet to be addressed.
I recently chose not to download some free promo tracks on my new iTunes account because they asked for a credit card. I just didn't want to give up that info until I bought something. Even if credit cards aren't affected, I don't think I'll be sharing any financial info with iTunes. It sounds like the one safe move is to fund an account with a gift card and then to use the credit immediately.
Given the fact that this problem has been ongoing, it could eventually undermine iTunes not only in terms of ecommerce but also in terms of marketing.
Hypebot contributor Clyde Smith is a freelance writer and blogger. Flux Research is his business writing hub and All World Dance: World Dance News is his primary web project. To suggest websites and related topics for review, please contact: clyde(at)fluxresearch(dot)com.
Apple seems to be really, REALLY good at keeping the major tech media’s collective mouths shut about this one. My account was hacked via iTunes in August 2010 (someone set up an automatic debit every month), and PayPal told me that ****OVER 50,000**** accounts had been hacked. If this happened to any other company it would be all OVER the tech media. So you may be shocked that it happened; I’m shocked that it wasn’t EVER REPORTED BY ANYONE.
This could explain some questionable charges to my PayPal account recently. Definitely looking into this ASAP. Thanks for sharing!
Apple not talking about stuff? Surely not.
I think Apple will do a money refund for those victims. I know a friend who was also charged $75 and after 3 days, she got her money back.
None of you would have had any trouble whatsoever with this problem if you had bought your music on a record or a CD instead of downloads, which for technical reasons, can never give you the same high-fidelity sound quality that you can automatically take for granted on any modern physical format! This is what the record companies like to keep quiet about! You are all paying out good money for poor quality sound!
So, the motto is – get physical!
Physical media is a thing of the past, like it or not. What needs to really happen is that we need to have the option to download songs/albums in lossless format rather than a compressed mp3 file.