Over the July 4th weekend news of a “Massive” iTunes App Store hack was circulated around the web. We were advised to lock down our credit cards, change our passwords and to generally panic!
What seemed to be happening was that some hacked individuals iTunes accounts, that have been readily available on the Chinese Black Market for some time, were being used to game App Store metrics and push a certain developer’s apps up to the top of the App Store rankings. Thus generating sales for them.
The apps themselves were mostly copyright infringing copies of Japanese Manga that the developer had duplicated and was selling under his own name. Apple were fairly quick to react when developers used to occupying those rankings on the App Store were bumped down by an influx of these fairly dodgy looking Vietnamese apps. Upon investigation the website for the developer was shown to not even be real.
Phil Schiller got involved over the weekend and contacted these, and other concerned developers to tell them that Apple were looking into it. The errant developer was fairly quickly removed from the App Store, along with all of his apps.
And today Apple issued this statement on the issue…
The developer Thuat Nguyen and his apps were removed from the App Store for violating the developer Program License Agreement, including fraudulent purchase patterns.
Developers do not receive any iTunes confidential customer data when an app is downloaded.
If your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about cancelling the card and issuing a chargeback for any unauthorised transactions. We also recommend that you change your iTunes account password immediately. For more information on best practices for password security visit http://www.apple.com/support/itunes.
When you consider just how many iTunes accounts there are, and how many probably have passwords with people’s pet’s names, or their favourite food – despite users always being advised to use more secure passwords – it is hardly surprising that accounts get hacked from time to time. As long as you are using a decent password for your iTunes account, and only connect via Apple’s site, or iTunes then you should be OK.
If you are concerned about your account or credit card being on file with Apple, then perhaps consider using a card with a lower limit, or taking your card off when you are not using the account. Or perhaps use PayPal as a payment option.
At the end of the day this was not a massive hack on the iTunes store, and you are no more likely to be exposed through iTunes to this kind of thing than you are when using your credit card in a real store or on any other web site like Amazon for example. As long as you use sensible passwords, and practice fairly common sense protocols when shopping online!
The point is that this is not an “Apple Issue”, it’s an internet issue, but with Apple being so high profile at the moment people love to jump on these stories and blow them out of all proportion.
Personally I think Apple reacted very quickly to this problem, and seem to have cleared the whole thing up quite satisfactorily.
Are you worried about the security of iTunes? Have you had your account hacked? Let us know in the comments…