If you have an iTunes account that you use to purchase apps, songs, etc. for, then you were probably one of those who have been anxious in the past day or so. Reports that iTunes has been hacked spread like wildfire the other day. Posts in mainstream sites such as TechCrunch probably served to make people more anxious and alleviate fears at the same time. I say people probably got more anxious because TechCrunch showed proof that unauthorized (at least by the account owners) purchases had been made, but at the end of the post, there is a statement from Apple saying that they have not been hacked (which is still kind of a good thing).
So what is really happening? What happened? If iTunes has not bee hacked, then why have so many people lost money via “illegal” purchases?
John Paczkowski of Digital Daily offers an explanation:
…not much to their assertion that Apple (AAPL) is at fault here. There’s no security hole in iTunes, and if you’ve been unfortunate enough to have hundreds of dollars in unauthorized purchases charged to your iTunes account, it’s likely because you’ve fallen victim to a bot attack or phishing scam–a variation on the one that’s been around for years now. Sources close to Apple tell me iTunes has not been compromised and the company isn’t aware of any sudden increase in fraudulent transactions.
More likely than not, the PayPal accounts of the affected users are the ones that had been compromised. Bottom line: iTunes is safe.
The question is: how secure are your PayPal accounts? This is happening now, it has happened before, it will happen again. Remember all those tips about passwords and phishing. They just might save you a whole load of money.