Apple iTunes hack affected 0.00003% of users

Posted by Mark Raby

The fact that someone actually dug into a security hole and hacked personal iTunes accounts is nothing to be overlooked, but final details reveal that only about 3 out of every 1,000,000 iTunes account holders were affected.

The fact that someone actually dug into a security hole and hacked personal iTunes accounts is nothing to be overlooked, but final details reveal that only about 3 out of every 10,000,000 iTunes account holders were affected.

Over the 4th of July weekend, something seemed fishy when 42 of the top 50 apps showing up on the iTunes App Store were from the same developer. That developer was Thuat Nguyen. Never heard of him? Yeah, neither had the hundreds of users that saw charges linked to his apps even though they never authorized any such purchases. The developer gained access to hundreds of accounts, used those accounts to buy his apps, and then watched as those apps were artificially inflated on the "top sellers" list of the App Store.

In fact, some users had fraudulent charges of more than $1,000. Apple urged users to change their passwords to prevent continued purchases for accounts that had already been compromised.

This news item lit up the blogosphere, creating a whirlwind PR nightmare for Apple, and while it was a serious issue, new details from a report should bring everyone back down to reality.

According to Fox News, 400 iTunes accounts were compromised in this attack. That sounds like a lot, but keep in mind that's out of 150 million registered iTunes users, or around 3 ten-thousandths of a percent.

Those with fraudulent charges should go through their credit card's fraud department and will most likely not be held accountable for the purchases.