Over the weekend, there was some iTunes fraud afoot thanks to nefarious AppStore developer who managed to hack iTunes and use some users’ accounts to download eBooks of his own making. Developer Thuat Nguyen apparently gained access to user accounts and used those accounts to fraudulently download eBooks of his own making. In doing so, his books made it to the top of the “Book” category charts. Today, Apple issued a statement explaining, in vague terms, what went down and how to deal with any potential hackery that might have affected your account and credit card.
First of all, Apple confirms that Nguyen has been straight up kicked out of the iTunes ecosystem for violating the App Store developer Program Licensing Agreement. All his content has been ejected from the App Store as well. Good riddance, we say.
Second, Apple goes on to say that no customer data is ever sent to a developer upon downloading a book or an app. But, continues the Cupertino-based iPhone maker, customers that have had their credit card info or iTunes account info misappropriated should contact their bank and ask to have any fraudulent charges reversed. What’s important with this last statement is that Apple stops short of directly admitting that their content delivery system had been hacked.
The developer Thuat Nguyen and his apps were removed from the App Store for violating the developer Program License Agreement, including fraudulent purchase patterns.
Developers do not receive any iTunes confidential customer data when an app is downloaded.
If your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately. For more information on best practices for password security visit http://www.apple.com/support/itunes.
There are also reports of other “App Farms” in the App Store, just waiting to nab unsuspecting users’ account information. That’s scary. What’s even scarier is that Apple doesn’t mention exactly how customers’ accounts had been compromised. Either A) Apple is keepig mum on the issue as they fix the problem or B) Apple has no idea how the accounts were stolen in the first place. Either way, users would do well to change their passwords as soon as possible.
Have you seen your account taking on a life of its own? If so, we suggest you contact your bank and change your account info right this moment.