A number of iTunes users are reportedly receiving refunds after having their iTunes Store accounts cleaned out by thieves, with the underlying issue of how it happened remaining unresolved.
The firsthand stories are a little disturbing to say the least. Users posting on Apple's Support Community have been reporting that their iTunes accounts and information have been hacked, resulting in gift card and other purchases and changes to their personal information.
According to a report from The Global Mail, Apple's iTunes accounts have been susceptible to hacker attacks for some time. Users have been complaining for more than a year about a relatively similar issue--namely, an account is accessed without permission, any gift card credit available is spent on apps, and information, including PayPal account information, is used and/or changed.
Those are some serious issues. But Apple is only responding with a generic statement:
"Apple takes precautions to safeguard your personal information against loss, theft, and misuse, as well as against unauthorized access, disclosure, alteration, and destruction," the company said in a statement issued to The Globe and Mail. "Apple online services such as the Apple Online Store and iTunes Store use Secure Sockets Layer encryption on all Web pages where personal information is collected."
It's not uncommon for Apple to remain silent about potential issues involving its products or services. The company has said in the past that it likes to gather all the facts, investigate, and come up with a solution before issuing public statements about problems, as it's done with the antenna issue on the iPhone 4 and the location-tracking file discovered last year. But in the case of people's account information, some are calling for more transparency.
In addition to the statement, Apple has reportedly been in touch on an individual basis with customers who say they've had their accounts compromised. Most of them describe the same experience and response: Apple acknowledges that the particular account shows irregularity but does not concede a systemwide issue. Many customers might disagree, due to the similarity in which apps are purchased and what information is affected.
To Apple's credit, it seems most customers have been refunded their lost credits or balances without too much hassle.
While many will view a lack of response from Apple as a sign that there isn't a serious problem, many people posting comments seem to be concerned that Apple hasn't fixed the problem, and feel Apple is instead attempting to keep it quiet by issuing refunds to users.
If you believe your account may have been accessed without your authorization, there are a few simple steps to take. First, change your password. One of the easiest ways to keep yourself safe online is to have a strong password. That means, no dictionary words, include a number, and include a capitalized letter or two. Make it easy for you to remember, but hard for anyone, even people that know you well, to guess.
You can also deauthorize all the machines on your iTunes Account and reset your account. If all else fails, contact Apple through the iTunes Store and let the company know that your account may have been hacked.
Have you had a hacked iTunes account experience? Let me know your story in the comments!