Huge increase in hacked iTunes accounts

Summary: Might be worth checking your iTunes account.


Judging by the emails I'm getting and the chatter over on Apple's support forum, there seems to have been a huge increase in hack attacks on iTunes accounts.

Accounts containing credit card details, those linked to a PayPal account and those with a gift certificate balance seem to have been hit. Many accounts with a gift certificate balance have been virtually cleaned out.

The name Kingdom Conquest seems to be coming up often in reports, either as the app being purchased or the app being used to make fraudulent in-app purchases.

F-Secure's chief research officer Mikko Hypponen believes that it is 'unlikely' that all these hacks were carried out with the use of keyloggers.

Might be worth checking your iTunes account if you have one, and hardening any poor-quality passwords.

  • My first pet's name was Fido

    I was one of those lazy people who used the same password with the same email address at waaaaay too many places. Then Steam got hacked a few months ago and I got motivated to make up new, unique, and much better passwords for Amazon, iTunes, etc.

    Glad I did.
    Robert Hahn
    • Bugs

      @Robert Hahn
      Could also be caused by undisclosed vulnerabilities in iTunes.
      iTunes software is way too huge and those hacked iTunes accounts could be caused by an undisclosed vulnerability in that bloated software. iTunes has an amazing bug record. A friend once bought a movie and the iTunes software crashed (maybe due to session hijacking during download), she didn't get a refund for that lost downloaded movie thru iTunes.
      • The undisclosed location

        I have a friend who used iTunes once. Her dog died and her mother got cancer.
        Robert Hahn
      • RE: Huge increase in hacked iTunes accounts

        @Robert Hahn Nice! LOL
      • Let me stop you right there.

        @Martmarty... Movie didn't download correctly and supposedly wasn't able to resolve it? I have had plenty of times where I lost something due to my own negligence, and Apple simply re-sent the download. Not to mention your claim is completely anecdotal.

        And want to talk about bloat? Look at windows. 20GB for an install?
      • Let me stop you right there.

        Sorry, my windows PC running Chrome glitched and double posted...

    • Good Idea but...

      @Robert Hahn
      Any thoughts on having multitudes of accounts?
      My single biggest issue: numerous accounts, all have passwords and not all will allow the same criteria.
      As a result I have too many accounts with the same or similar passwords.

      btw: This does not apply to just personal accounts. Have a lot of the same issues in business.
      • RE: Huge increase in hacked iTunes accounts


        You'll probably get a lot of feedback on using some type of system or pattern so that they can be different, but have enough similarities that the pattern will help you to remember them. To me, that seems overly complicated and makes the process of periodic changes a lengthy task.

        I generally view it like this, for accounts that are somewhat anonymous and harmless (e.g. No financial or professional impact if breached, like ZDNet), I'll tend to go the same password. For those that are in my name, I'll vary it a little more (e.g. Facebook, Twitter, LinkedIn since they contain PII to varying degrees). For those that I actually use for purchases or work related, I'm the most vigilant and these are all unique.

        A lot of people will argue against using password managers or writing account info down, but as long as done responsibly (using a reliable product, storing in a safe/locked place, etc.) the risk is minimal. The reality is, I have accounts for work that I access so infrequently (but timeliness is important when I do), it's almost impossible to keep track of them in my head only.
  • iTunes is horrible. Anyone who still has an itunes account should have

    their head examined. Worrying about your pwd is the least of your problems
    Johnny Vegas
    • Tiresome

      The Microsoft employee speaks.
      Robert Hahn
      • Let's see if I have this right

        @Robert Hahn
        Anyone who says anything negative about an Apple product is wrong and biased and must be a Microsoft employee.

        Does this mean that anyone who says anything negative about an MS product is wrong and biased and must be an Apple employee? If so, nearly all of Apple's workforce is taking time off from making great products and is instead simply trolling on ZDNet. You are the perfect example of the Apple employee troll.
    • RE: Huge increase in hacked iTunes accounts

      @Johnny Vegas I still had mine up until 2 days ago, when I finally burned all my DRM music to CDs and Ripped them back to MP3s! It is Amazon or Google from here on out!
      • RE: Huge increase in hacked iTunes accounts

        @Peter Perry iTunes Store music has been DRM free for nearly 3 years (since April 7 2009).
    • RE: Huge increase in hacked iTunes accounts

      @Johnny Vegas Oh? And what else then? Because in all the time I've used iTunes (since 1.0) on Windows I've had very few issues - no hacked account, no crashes (with the sole exception of a glitch when going from 9x to 10.0), no slowness, no drag... it plays all of my media including tunes and movies I've bought from other services (Amazon).

      So what other issues? YOU must know since you are not only advocating the non use of it but saying that people who use it must have to have some form of mental therapy. And since you MUST be an expert I'll definitely give your explanation due diligence... or are you some sort of iHater troll?
    • I say the same thing about people who

      @Johnny Vegas... use windows. ;)
  • RE: Huge increase in hacked iTunes accounts

    Okay...for most the better part of the weekend no one has been able to log into the iTunes store, their iTunes accounts, or ANY of their "secure" information. This is because Apple has been at work upgrading the system. As to how long this will take they can't say but it has already taken MORE than the 11 hours since Mr. Kingsley-Hughes posted this unnecessarily alarming essay.
    • Funny, I was in and out of the App stores

      @shadowcass a few times yesterday, no issue.
  • RE: Huge increase in hacked iTunes accounts

    The flurry of obtuse fan-human comments aside, thanks for the tip and the encouragement to check our stuff.
  • RE: Huge increase in hacked iTunes accounts

    Yep, I don't link my credit card to my iTunes, but I did have about 7 bucks left from a gift card from my account. Apple was no help at all. They just told me to change my password and were no help with the lost amount. I now don't bother putting on a gift card until I am going to spend it all in one go.

    I don't think that it was hacked from my computer with a keylogger, because I had not actually turned on that laptop in 5 months. It has just been sitting in my closet dead as a doornail.
    Brooks Fancher