Security buff suggests Cupertino may be content with reimbursing hacked accounts

Feb 7, 2012 17:11 GMT

CNN is running a story on account hacking in iTunes and how Apple has failed to address the matter over the years. A security researcher suggests there's a good chance Apple isn't even trying to fix the problem.

The report highlights a few complaints from Apple forum posters, such as this one from a user identified as “glight”:

"It is very apparent that Apple iTunes has a big problem on their hands, and they are keeping quiet about it. When you have been hacked, and people's money and private info has been stolen, you should... be more responsible (and responsive) than Apple is being," glight wrote.

Another example comes from UK resident Fiona McKinlay, whose iTunes account was one of the first to get hacked.

After having her account compromised, Fiona saw the balance of a new gift card wiped almost completely.

She wrote on Apple’s discussion panel: “In December 2010 I loaded a £25 gift card, and a couple of days later 'in app purchases' that I didn't make took my balance down to £1.02.”

"They were very helpful in that they disabled my account immediately, refunded my money, de-authorized all machines associated with my account and reactivated my account, but failed to acknowledge that there may be any sort of problem with their system," she said.

"Until one day I find something that says Apple have admitted there was a problem and have now resolved it, I'm going to assume the problem is still there and they're still just trying to pretend it's not. They used the phrase 'Please note that this is a one-time exception to our sales policy.' That says to me, 'Well, we sort of think this is your fault and are just being nice,' " she added.

Indeed, it may seem that way, considering that such nefarious practices continue to occur.

While most of the stolen amounts are relatively low, they can sometimes reach hundreds of dollars, in which case Apple generally agrees to restore the lost cash.

Some customers who found themselves in this situation revealed that Apple agreed to refund them as a "one-time exception to our sales policy", according to some published emails from the company.

CNN points out that Apple has been reluctant to comment on whether it is making any progress in fixing this problem.

The report includes a statement from Ty Miller, chief technology officer at Sydney-based IT security firm Pure Hacking, who believes Apple prefers to reimburse hacked accounts and live with this problem, even though it appears to be widespread.

"I would have expected Apple to take some sort of action by now," Miller says. "[That they haven't] can indicate one of two things," he says.

"Either Apple has accepted the risk of the fraudulent transactions and they're happy to reimburse the money because it may cost a lot more to fix then they're actually losing. [Or] there is an inherent flaw in the way they have created the gift card numbers and it would take a serious overhaul of their systems to change how that actually works," Miller says.