Paypal-linked iTunes Accounts Getting Hacked
Reports are appearing this morning about a major security hole in iTunes accounts linked to PayPal. At least one group of scammers has found a way to charge thousands of dollars to iTunes accounts through PayPal. One targeted customer told us, ‘My account was charged over $4700. I called security at PayPal and was told a large number of iTunes store accounts were compromised. ‘ His email was filled with nearly 50 receipts from PayPall for $99.99 each. He was able to catch it before his bank disbursed funds to PayPal.
iTunes accounts are getting hacked again it looks like “ something that is occurring disturbingly often just lately. This time it looks like it is specifically accounts that use Paypal as their payment method “ like mine, yay. 
One thing that makes this problem even worse is that it is extremely difficult to get support on anything App Store or iTunes related. You cannot speak to anyone from that department by phone – ever, as far as I can tell from past experience. I ‘ve even had times where I ‘ve spoken to an Apple Support agent by phone and reported a suspected fraud issue on my iTunes account, and even the agent had no luck in attempting to actually speak to an iTunes rep of any kind. They seem to only be reachable by email, with an ‘expected ‘ response time of within one business day.
I think it ‘s more than a little ridiculous that a store the size of iTunes (how many billion song and app purchases now?) provides zero phone support. For cases like these with money pouring out of people ‘s accounts by the minute, it ‘s great to know that the iTunes team has got your back “ as long as you ‘re cool with waiting a day or so.
Needless to say, this is a great time to look at changing “ and strengthening “ your passwords for your iTunes and Paypal accounts. I just changed mine a few weeks back, and always use complex passwords of well over 15 characters for these type of accounts.
Sources: TechCrunch, Apple Insider
Sorry to hear. Mine was hacked last year and some loser bought a few iPhones and a bunch of content.
Now I just I just use gift cards
I was hit last week for over $100. I have since gotten a refund but my iTunes account has been disabled. =( By the way I didn't have $100 on my PayPal which is linked to my bank account. I didn't have $100 in my bank account and it took out more than I had. So I had to pay an overdraft fee of $30 for each transaction. It was 2 transaction from whoever bought the apps with my account. So I got my money back and only have about $60 left after I pay the bank back.
Oy.
Okay, listen closely:
Paypal accounts are getting hacked, phished, whatever you want to call it. The hacked accounts are being used to purchase items on the iTunes Store.
Now, listen to this: This has nothing to do with the security of the iTunes Store. These accounts could be used anywhere Paypal is accepted as a payment method.
Did you follow me?
Jeez I'm not sure – it was such a complex point you made there. Let me give it a try – it's Paypal that's getting hacked not iTunes.
One small thing though – every single report I have seen from TechCrunch, Apple Insider and other heavyweight sources lists the security hole as being in iTunes, and they even state that Apple is aware of the issue.
So … your sources that contradict all of that are who exactly? Also, I'd love to hear the explanation of why the only news about this is all related purely to fraudulent charges in iTunes.
http://m.guardian.co.uk/?id=102202&story=http…
This suggests the issue is with Paypal
I only use PayPal for iTunes. So I am going to say it was iTunes fault.
http://www.ipodnn.com/articles/10/08/24/no.sudden…
Patrick, I know this was a minor point in the scheme of this post, but I liked it, a lot. iTunes offers 0 phone support. I remember when I was trying to figure out how to not get charged for something I already purchased and I couldn't get anyone to help me. It turns out that if I attempted to buy it, by giving my password and agreeing to repay the price, I could redownload it for free. A simple phone call would have set me straight; instead I tried the day long support, and decided to take the plunge. Maybe this was obvious to other users, but it wasn't to me, and I was trying to be careful. My story is a bad example, other than to point out that this massive system has no instant support system. This also goes back to a point I made last week. If an App lies in their description, that deserves personal attention and instant validation/compensation to the end-user. It almost seems like a scam that they don't have phone support… (I know its their business model, but that's what it feels like to customer John Doe)
I think it's outrageous that they have no phone support, and a 24 hour turnaround time for even an initial response is also ridiculous. Especially when – at least in my handful of contacts with them – that first response is a useless request for information I've already provided in my original email.
My account was hacked for 1500 with 15 charges of 150 each in mid-august. Unfortunately, my paypal account is directly linked to my bank account at Virginia Credit Union. I immediately called VACU, as the charges had not hit the account yet, generally an e-check takes a day or two to process. They informed me that they were unable to block the charges in any way, that closing my account and reopening would simply forward the charges to the new account. There was nothing I could do but send my 24 hour letter to itunes and open a dispute with paypal. The first 10 or so transactions were covered in my checking and the last 5 got hit with a $30 overdraft fee each. Paypal had refunded my $1500 within 2 days, it was excellent service. However so far No one has been willing to refund me the overdraft charges to my Virginia Credit Union checking account. VACU claims that because I authorized Paypal to connect to my checking account, they are legitimate charges. Paypal says they are not responsible for overdraft fees, and I would tend to agree. I do not know why my bank feels it is their right to make $150 off of obvious fraud. Why paypal should have to pay it and they should be able to profit from it. I was disgusted after 15 days on the phone with them, they finally this morning agreed to refund $75 dollars worth of the fees and told me that I should be extremely gracious for that.
I am looking for a new checking account after 10 years with my credit union.
Jeez – very, very sorry to hear that. Paypal do always seem to provide excellent support and response every time I have to deal with them as well. Banks are another story.