http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/ Engadget Comments for Apple responds on iTunes fraud, vaguely confirms said fraud (update) http://www.engadget.com/media/feedlogo.gif http://www.engadget.com en-us Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 11:03AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Yeah. It would be a lot more helpful to consumers if some details were given. Were passwords stolen? Was credit card info stolen? What exactly was the nature of the breach.

But then again, the consumer doesn't seem to be Apple's "Job 1" these days.]]>Jul 6th 2010 11:12AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
The last thing Apple wants is its user base thinking for themselves. They just want you to sit back, relax, and let them take care of whatever might have gone wrong. Until the issue is on their end, then they will deny that there was a problem at all.]]>Jul 6th 2010 11:27AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
So, either something was or was not... but the overall scare might make those already worried flood their financial services with contacts. I feel bad for the banks that have to handle Apples lack of information.

Might have been better to advise that either "nothing was stolen" or those in groups a, b, and c were stolen. At least it's honest and more organized.]]>Jul 6th 2010 11:33AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/It was most likely a keylogger virus, or fake site that was stealing itunes usernames/passwords.
If itunes user data could be stolen don't you think the person would rather take and run with the thousands of credit cards rather then purchasing his app?]]>Jul 6th 2010 11:33AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
The consumer has never been Apple's #1 concern, the consumers' money has been.

Nothing new here.]]>Jul 6th 2010 11:53AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 11:53AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
You mean like every company out there gunning for profit?]]>Jul 6th 2010 11:54AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
If you steal someone's iTunes user name and password, you don't instantly have access to their credit card number. When you log into your iTunes account, iTunes will only show you the last four digits of the credit card. Even if you try to edit the credit card information, they don't show you the whole credit card number.

So the only real thing damaging thing you can do is buy stuff from Apple. God, it's depressing how many people on this site don't actually know how the technology in question works.]]>Jul 6th 2010 11:54AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
makes me wonder if they are Apple's "Job 5" instead.]]>Jul 6th 2010 11:56AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Sure, but at least some companies accept responsibility when info is stolen.

Apple? Not so much.]]>Jul 6th 2010 11:58AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Also, some companies at least make an effort to relate to the customer, and it shows when things go wrong.

Apple? Not so much.

Almost everyone has been happy with Apple because things have been good for the most part. But their true colors are showing now to a wider range of people. They burned me years ago and lost me as a customer as a result. Hopefully the recent issues will either get them to wake up out of their arrogance, or help in their demise.]]>Jul 6th 2010 12:01PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 12:03PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 12:07PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
>But then again, the consumer doesn't seem to be Apple's "Job 1" these days.

Really? Apple sure made a lot of people happy with the latest iPhone.]]>Jul 6th 2010 12:19PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 12:20PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Hey Steve Jobs "you're holding my credit card information wrong"]]>Jul 6th 2010 12:23PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Why is there any ambiguity? Isn't it really one of two issues?

1. The developer was able to gain the system by getting his products ranked higher - thus making them potentially more enticing to customers. If this is the case, Apple's response is appropriate. No harm to actual consumers (unless someone bought a book based off the rankings).

2. The developer was able to purchase his content through different iTunes accounts. In this case, the consumer's account was compromised and money went from their credit card to Apple. If this happened then all Apple has to do is notify the impacted accounts, reverse charges for fraudulent purchases, and fix whatever happened that allowed this to occur in the first place. I'm a little unclear how a hacker could obtain your credit card information since it isn't viewable in your iTunes account. They should have been able to only purchase stuff through iTunes in that case.

Now - if there is a broader breach - one that compromised actual credit card numbers then Apple needs to be more clear about what happened. Did the hackers compromise the integrity of the Apple database that stores this information?]]>Jul 6th 2010 12:25PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Lol, dude you are an idiot. Obviously you can't obtain credit card info using an itunes account. People think that someone hacked itunes revealing all account details on their servers. I was saying that the hacker probably just used keyloggers that got account u/p and used those to buy items with. Similar to ebay / paypal account hijacks]]>Jul 6th 2010 12:29PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Compared to who? Google?

Apple has topped every single consumer satisfaction rating, including consumer reports and JD Power. But that's just the isheep. Right?
]]>Jul 6th 2010 12:51PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Well, your first comment was worded poorly, but I apologize. Thanks for clearing that up. I agree with you, if the iTunes credit card database was hacked, the guy wouldn't be using their credit cards just to buy his crappy books.]]>Jul 6th 2010 12:52PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/We believe iTunes to be the best internet media purchasing experience, which is why we were surprised when we heard some people suggest they were being defrauded. Any website is capable of being defrauded if you are not careful enough, including Google Android websites. We checked, and it turns out that there was an issue with how we inform you of financial transactions - we have now decided to use the industry standard policy of not informing you about these transactions, to be rolled out in a future iTunes software update. ]]>Jul 6th 2010 1:16PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
"Apple has topped every single consumer satisfaction rating, including consumer reports and JD Power."

Perhaps they have in the past, however, note my use of the words "these days". It's little events like those that have occurred lately that build up and eventually tarnish a company's image. Just ask Dell, Gateway, HP...

Apple can either sit back and watch the events unfold, or take a proactive, consumer-friendly approach to issues - even if it costs them a few bucks here and there.

]]>Jul 6th 2010 1:48PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 2:58PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 3:20PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
So you would like storekeepers to be able to cancel YOUR credit cards.

That would work out really well.]]>Jul 6th 2010 6:03PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 7th 2010 12:02AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 7th 2010 12:29AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 7th 2010 12:32AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
How did 400 accounts push his books to the top 50? And not just one book, but 46? Either there were tons of purchases per account or the numbers just don't jive. With a billion apps being downloaded it's hard to picture how 400 accounts could push the needle in ranking.]]>Jul 7th 2010 1:30AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 7th 2010 1:47AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 7th 2010 2:36AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Uncle Steve said:
I miss the old time, when all apple's customers still a bunch sheep, missinformed idiots]]>Jul 7th 2010 2:38AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
as a Vietnamese user, knowing about 50 places in one city selling iTunes account, and knowing how popular they are, I know Apple lied about the number of hacked account...400, maybe they missed 2 or 3 more "0s"... they were selling like 10$ for a 200$ account...]]>Jul 7th 2010 4:37AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/But not multiple books at the same time.]]>Jul 7th 2010 7:34AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 7th 2010 2:15PMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 11:05AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/+ 1 before this thread gets out of hands.

Anyway, like @N900 said, hopefully people can get back their money, if stolen, and their accounts can go back to normal.

AKBlade13]]>Jul 6th 2010 11:09AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/Jul 6th 2010 11:11AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
if it can be done once, it can be done again.]]>Jul 6th 2010 11:16AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
+1

Of course that won't prevent the Apple Haters from making this a whole 200+ comment thread.

Hopefully Apple finds the one responsible, punishes them, and improves security for all of us iPhone/iTunes users.]]>Jul 6th 2010 11:22AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Getting users to enter their login credentials into spoofed/dummy websites has become a huge trend on how to hijacks accounts nowadays, especially in the gaming community (ie World of Warcraft). We may just be seeing the first big use of phishing in this case. Like so many other sites (ie. your bank website?), companies can only tell you to /not/ put your damn password in an untrusted site so many ways.

Be safer, people; and blame the responsible parties. In this situation, I believe the responsible parties are the end-users not being safer with their sensitive information.

In my 12-13 years online, I've used /and/ protected my logins for social networking sites, home banking, gaming, work and personal email, Paypal, eBay, website ownership and management and yes iTunes... Never once have I ever had a single account of mine hijacked.

Use an unbrute-forceable (for lack of better terms) password (use special characters like !@#$, numbers and non-English words) and only enter your login credentials on trusted sites (check the domain url!). I've gotten dozens of spoofed email phishing attempts from people trying to get eBay and Paypal logins, I just never fall for them.

I think most of the people here on this site can relate to my experiences, being internet security educated individuals I'm sure you all are. So who do you guys think is at fault in this situation?]]>Jul 6th 2010 11:25AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/I'm not saying you're wrong, but where do you see that information -- that accounts were phished thru "the proprietary web-pages that are only supposed to work in the iTunes store" ?

I reckon it was more like some kinda email spam thing -- "Click here to claim your free 25$ iTunes store gift certificate" or something like that, with a fake redirect site designed to look authentic...but again, since Apple isn't saying the WHOLE story, we don't know for sure (unless there's a source I'm missing on this?)]]>Jul 6th 2010 11:25AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
You don't seem to understand how "phishing" works. No one has to exploit Apple's web site. They could just set up a bogus web site promising free iPods and tell you to put in your iTunes account name and password and then use your iTunes account to buy anything they want.

That has nothing to do with Apple.]]>Jul 6th 2010 11:27AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
The amount of purchases necessary to push all of those apps to the top of the list would not be an insignificant amount. Either they hacked the system, or they had thousands of phished accounts; both do not seem minor in any way.

Having hundreds of dollars charged to your credit card fraudulently is a lot more serious than a hacked World of Warcraft account, and yet Blizzard has implemented a secure key token system and Apple for iTunes and most of the financial industry has not for their online account access. I for one would welcome measures for increased security.
]]>Jul 6th 2010 11:40AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Yo numnuts. Stop defending Apple, and shut the hell up about Phishing scam!

There is Zero evidence of Phishing scam!]]>Jul 6th 2010 11:43AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Yet you point fingers at customers and phishing scamers??

Good job tool bag.]]>Jul 6th 2010 11:47AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
Not defending Apple regardless of if it was a phishing scam or not.
Seriously, I wish Apple would do something about account security, not just vaguely mention it in a passing blog post.]]>Jul 6th 2010 11:49AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
85% of itunes users use a english word with a number for password

50% use their last name

the fact apple allows this is an issue.]]>Jul 6th 2010 11:54AMhttp://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/http://www.engadget.com/2010/07/06/apple-responds-on-itunes-fraud-vaguely-confirms-said-fraud/
I would argue that there are a vast amount of websites out there much worse than Apple when it comes to password/account security. At least they allow the user to choose if they want a simple of complex password.]]>Jul 6th 2010 11:57AM