The Towson Hack: The mystery of disappearing iTunes credit
Posted 06 September 2011 - 11:38 AM
When you access your account associated with a credit card on an unknown computer or unknown device you have to enter your 3-digit credit card before you can buy anything.
Posted 06 September 2011 - 11:43 AM
Posted 06 September 2011 - 11:47 AM
Posted 06 September 2011 - 11:52 AM
Posted 06 September 2011 - 12:13 PM
Posted 06 September 2011 - 12:28 PM
Gift cards don't have code. They have *a* numeric code, but that's pretty much all they are. A pregenerated sequence of numbers which when typed into your account give you a credit in some predetermined amount.
Posted 06 September 2011 - 01:07 PM
As word spreads, the damage to the reputation of the iTunes store will hurt them unless they acknowledge and fix these issues.
Posted 06 September 2011 - 01:15 PM
Then perhaps the purchases were done using that card on a different account. And there are any number of ways an unscrupulous person could get their hands on legit credit card info that have nothing to do with the security of the iTunes store. So I'm going to say what your friend had happen is not what this article is describing.
Posted 06 September 2011 - 01:53 PM
Seems to me, you weren't paying attention to the article. This is mostly happening with gift card balances, and maybe some Paypal, but not credit card accounts. By only using gift cards and not linking a credit card, you are making your account more prone to this kind of attack.
And Lex, someone else already pointed this out, but it is pretty obvious why credit card accounts are not hacked. The hacker would need the CC security code to use the CC, but that level of security is not there with a gift card balance.
Posted 06 September 2011 - 01:57 PM
They aren't hacking those that use Credit Cards (VISA, MasterCard etc) because any purchase from a new device has to confirm the security number on the back of the credit card.
Thus the attack is only going after open (non credit card) accounts, possibly phishing, possibly dictionary attacks, or any other form of hacking.
Posted 06 September 2011 - 02:49 PM