|
Users viewing this topic:
none
|
|
Login  | |
|
WARNING! iTunes Music Store account hacked! - 10/26/2009 2:34:11 PM
|
|
|
stateofgrace
Posts: 1583
Joined: 4/12/2005
Status: offline
|
My iTunes music store account was hacked last week. I discovered that there was a problem on Saturday; because it was the weekend, the problem didn't get resolved till Monday. There are already two charges on my account that was used for the store. The hackers put in a different email address and password so I was locked out of my account; also nonsense text in the challenge question, and changed my birthdate. I have now seen info on other sites where folks have posted that the same thing has happened to them. Beware! Check your iTMS account frequently. Another suggestion is to use only iTunes gift cards or prepaid debit cards instead of credit cards, in order to limit your potential liability.
< Message edited by stateofgrace -- 10/26/2009 2:41:05 PM >
_____________________________
America Needs Revival. Will you commit to pray for it?
|
|
|
|
RE: WARNING! iTunes Music Store account hacked! - 10/26/2009 3:32:25 PM
|
|
|
Miss Giggles
Posts: 5196
Joined: 4/18/2005
From: MI
Status: online
|
I just checked mine.. Thanks for the warning. Not seen any problems with mine but you never know.
|
|
|
|
|
RE: WARNING! iTunes Music Store account hacked! - 10/26/2009 7:06:50 PM
|
|
|
stateofgrace
Posts: 1583
Joined: 4/12/2005
Status: offline
|
This is a real answer to prayer...the charges turned out to be legit, they just posted to the bank account several days later than the purchases. However, the account was still hacked, so I am so thankful that i found out fast enough that fraudulent charges hadn't yet occurred. I have taken out my bank account information for the time being and switched to iTunes gift cards. I've told the kids that we are going to change the password frequently now.
_____________________________
America Needs Revival. Will you commit to pray for it?
|
|
|
|
|
RE: WARNING! iTunes Music Store account hacked! - 10/26/2009 8:06:24 PM
|
|
|
Miss Giggles
Posts: 5196
Joined: 4/18/2005
From: MI
Status: online
|
Glad they weren't fradulent charges. I had been thinking of only using Itunes gift cards for a while now.
|
|
|
|
|
RE: WARNING! iTunes Music Store account hacked! - 10/27/2009 9:10:07 AM
|
|
|
neuronstatic
Posts: 1242
Joined: 7/14/2005
From: North Carolina!
Status: offline
|
quote:
ORIGINAL: stateofgrace
I've told the kids that we are going to change the password frequently now.
I want to put a warning out there to parents everywhere - this is not directed at you stateofgrace, its general. So I am not saying anything about your kids or anyone else's kids specifically.
More times than you can imagine, kids are careless with passwords. The number one reason: they trust their friends. And then their friends trust their friends, and so on and so on. And while teen or pre-teen kids would never knowingly compromise your financial information, they are very likely to unwittingly compromise a "music account" or some other seemingly "safe" on-line account.
Most kids, regardless of how intelligent or how responsible they may be, are still kids that lack experience and maturity in judgment. That's one of the reasons why we call them children and not adults. And at times they will intentionally allow a friend access to some on-line service or allow that fiend to watch them type in a password and they don't even think about it.
Its not that the kids are being stupid or anything. They just don't want to believe that their friends could ever be a "threat" to them. But anytime you allow someone outside of the family access to on-line passwords for anything that has money attached to it, you have opened a hole in your security door.
_____________________________
Click here for an example of God blessing a man with a second chance at marriage in a new wife.
|
|
|
|
|
RE: WARNING! iTunes Music Store account hacked! - 10/27/2009 1:13:56 PM
|
|
|
jhuperetes
Posts: 472
Status: offline
|
Although neuronstatic is right, we are all often careless with passwords.
I would like to point out that if you used your account through an open and public WiFi hotspot, it takes less than 30 seconds to steal the information. No matter if the site has SSL or not.
|
|
|
|
|
RE: WARNING! iTunes Music Store account hacked! - 10/27/2009 3:39:10 PM
|
|
|
neuronstatic
Posts: 1242
Joined: 7/14/2005
From: North Carolina!
Status: offline
|
A slight correction to the WiFi/SSL security issue.
Currently there are at least 2 known (and significant) flaws in SSL: a hash vulnerability and a null-coded site name vulnerability.
The has vulnerability is a flaw in SSL that can lead to compromise. It has to do with the math involved in the security hash. It must be used in conjunction with the creation of fake security certificates. However, according to security sites:
quote:
By faking the MD5 hash of one of these trusted signing authorities, the researchers are able to make fake SSL certificates for any website they want and your browser will verify it as legitimate. For now the hack isn't publicly available, takes six months or more to implement due to the tremendous amount of processing and planning required, and hasn't fallen into the hands of any criminals.
The null-coded site vulnerability involves the creation of valid security certificates for sites with names that exploit a flaw in browsers. According to security sites:
quote:
... a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid null character in it most CAs would issue the certificate if the requester owned the domain specified after the null, while most SSL clients (browsers) ignored that part of the name and used the unvalidated part in front of the null. This made it possible for attackers to obtain certificates that would function for any site they wished to target. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions.
While these are real threats, they have extremely limited real effect because of the number of things that have to line up to make it work.
What you really need to make sure of is that the site you think you are going to is the real site and not just faked. And what jhuperetes is illustrating is that when you use ANY network, there is an issue of trust involved. And if you use public hot-spots, the network may or may not deserve such trust. Always know what you are doing and where you are going online. This can prevent many, many problems.
Once again, you cannot leave all the work of being safe online to any software alone. It also takes human brains. And we all have those. Lets use them 
_____________________________
Click here for an example of God blessing a man with a second chance at marriage in a new wife.
|
|
|
|
|
RE: WARNING! iTunes Music Store account hacked! - 10/27/2009 5:09:17 PM
|
|
|
rawr.ben
Posts: 2719
Joined: 5/16/2005
Status: offline
|
You beat me to it, neuron, and said it better than I would have. Good post.
_____________________________
rawr.ben
Facebook
|
|
|
|
|
RE: WARNING! iTunes Music Store account hacked! - 10/28/2009 9:12:32 AM
|
|
|
stateofgrace
Posts: 1583
Joined: 4/12/2005
Status: offline
|
It's a good point about the kids and passwords. My kids know that the iTMS user ID and password is for us only; that it can only be authorized on 5 computers. If someone got it from one of them, it would not be in a legit manner.
I actually have more problems with them sharing music with friends; and accepting shared music from friends. Usually it's burned CDs, though. They've gotten the lecture numerous times, but it doesn't seem to stick.
The wireless situation is a concern to me, because DD#1 uses it at college; DD#2 is soon to start community college classes and will have a laptop soon; DD#1 has an iTouch, and my husband is getting an iTouch for Christmas.
_____________________________
America Needs Revival. Will you commit to pray for it?
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
Forum Tools
Printable Version
