It’s been only a matter of days since music website Last.fm urged its users to change their account passwords following a hacking scandal, and now the world’s biggest music store, iTunes is also under threat.
Today The Age reports that Consumer Affairs Victoria are warning that online thieves are buying stolen Apple account passwords to hack into customers’ iTunes and app store accounts.
Apple were receiving customer complaints about unauthorised purchases made in their names, prompting Consumer Affairs Victoria to issue a credit card fraud warning. Adding that hackers on online forums are selling iTunes passwords and account information for as low as $33, allowing online crooks to purchase unchecked in other people’s names.
This is the second time this year that the iTunes store has been compromised, coming only four months after hackers raiding the iTunes store to steal personal information and financial details.
Once again, Apple is unsurprisingly remaining silent on the issue but are no doubt in crisis mode to try and avoid the potential PR disaster, but has said they are “workign hard to improve the security” of their online stores. They’ve also contacted customers with complaints, encouraging them to contact their banks and change their account details.
Dr. Mark Gregory, an internet security expert and senior lecturer in network engineering at RMIT University, told The Age that he believes Apple could be doing a lot more to protect the information security of its customers, “It’s not just the money being lost,” says Dr. Gregory, “it’s the customer’s private and personal data and to some extent that’s more import than losing money.”
Dr. Gregory says that large multinationals, like Apple, have a responsibility to safeguard their consumers’ personal details and enforce strict regulations when dealing with online shopping.
“Once the information’s been hacked it’s quite easy to actually get access to it,” he explained, “often the information is posted for free or for sale on a number of websites around the world.” Dr. Gregory also suggested that a call for government assistance, in countries like the U.S., would help crack down on companies like Apple that were enacting poor security measures that leave the information of its consumers exposed to criminal activity.
Apple’s response to the hacking claims came in an identical statement they issued over the security issues in February this year,
“Apple takes precautions to safeguard your personal information against loss, theft and misuse, as well as against unauthorised access, disclosure, alteration and destruction. Apple online services such as the Apple Online Store and iTunes Store use Secure Sockets Layer encryption on all web pages where personal information is collected.”
Consumer Affairs Victoria have advised iTunes customers who had experienced hacking or believe their account vulnerable to change their password and check their credit information.