Feb. 10, 2012 at 6:04 PM ET
Apple's iTunes Store is a big, cloud-based place, with more than 200 million customers. And for a year and half, some of those customers have been complaining loudly and frequently on the company's discussion pages about problems tied to fraudulent charges that may have happened because their accounts were hacked.
The problems seems to be quite acute for users of iTunes gift cards, which are available in supermarkets, drugstores and just about anywhere prepaid cards are sold.
"This happened to me last night," said user jcoffman99 in the discussion forum this week. "Got the email from Apple saying to check as an unauthorized computer downloaded songs. Yep sure enough, my gift card balance was gone. I love how in the email all they say is you should change your password."
Yet another person who goes by Magda_M posted this week:
I've had my iTunes account for years and years and never experienced a problem then yesterday for the first time EVER I enter in a gift card and now all of a sudden my account gets hacked.
I received an email from Apple saying my apple ID was being used on a device previously unauthorized. With weird Chinese characters as the app name. When I logged into iTunes I saw that my "credit" went down to $3 and just yesterday it was $25 while I have not purchased anything. When I checked my account my CC info has been deleted. No other changes have been made.
I find it intriguing how many of the reports include a depleted gift card. I'm wondering if the "redeem" page I used is the problem here and that's how these hackers got the info.
The only way someone would know my password would be to steal it from Apple. I'm using a brand new MBP and it hasn't left the house yet. No one else uses this computer. My wireless network is secure.
I do have a new iPad 2 that was authorized as a device about a month ago. But I've made many purchases between when I first got it and yesterday and no unauthorized activities took place until I entered in that gift card.
AppleInsider suggests "one possible explanation is that the company's iTunes gift card algorithm has been cracked. In 2009, iTunes gift vouchers surfaced on Chinese websites for pennies on the dollar after hackers allegedly discovered a way to generate codes."
Earlier this week The Global Mail reported, in a lengthy piece about the fraud issue, "Most of the amounts stolen are at the low end, ranging from a few dollars to about $500. In most instances, Apple has agreed to restore the lost funds, as a 'one-time exception to our sales policy.' The company will not comment on whether they are working on a permanent fix."
We asked Apple for comment about the ongoing problem, and have not heard back. If we do, we will update this post.
The company did give a statement to AppleInsider, saying that Apple "takes precautions to safeguard your personal information against loss, theft and misuse, as well as against unauthorized access, disclosure, alteration and destruction. Apple online services such as the Apple Online Store and iTunes Store use Secure Sockets Layer encryption on all Web pages where personal information is collected."
In the summer of 2010, Apple did acknowledge that 400 iTunes accounts were hacked and used by a Vietnamese developer to promote his iPhone apps to best-seller status. At that time, with 150 million iTunes account holders, Apple said the hack only affected 0.0003 percent of those accounts.
But what's been happening since then is much more serious. "My account is linked to my PayPal that's linked to my checking and they literally stole all of my money in my checking account," posted a user called elitez28 on the discussion forum this week. "Already sent in the support ticket, not very happy at this point."