Apple ID got hacked, emptied store credit balance, refund request got rejected

LT59047 on 17/06/2020 - 10:08

Hi there,

I recently got my apple ID hacked. Some fraudulent in-app purchase on a app that was downloaded to a device that was never previously downloaded, and it was downloaded from China mainland. I never been to China mainland. (I didn't have two-factor ID at that time). All purchases were made in a short burst of time, within 2 minutes, emptying all my remaining store credit ($50+). I had an Apple technician to report the suspicious activity. The person asked me to change password and enable two factor ID. Then, the person put in the store credit refund request but it got rejected (with no reason given). I don't know what detail the person has included. Then I asked for a review, with all the detail I could provide, and got rejected again with no reason given. Now I don't have any chance to ask for refund nor getting any reasons as to why the refund is rejected.

I must say I am quite devastated by the response from Apple. A simple fraud detector would easily identify those transaction as fraudulent - made in different IP, different geo location, different timing to my usual purchases, and all of them happened in just 2 minutes, it emptied my store credit. Those properties scream fraud. I am very disappointed with Apple.

Is there any way I could escalate this as an Australian consumer?

General Discussion

Related Stores

Apple
Apple

Comments

  • [Deactivated] on 17/06/2020 - 10:34
    -1

    Go in person to the local Apple store, make a lot of noise and you might get a cool swag bag

  • [Deactivated] on 17/06/2020 - 10:54

    Was your password pretty simple?

    • T59047 on 17/06/2020 - 10:56

      Wouldn't say pretty simple, but yes it was a relatively simple one.

    • vikvance on 17/06/2020 - 11:12
      +4

      It doesn't matter if the password is simple or not. The most important thing is that the same password should not be reused for different websites. Using a password manager like Lastpass can help with creating unique passwords for each website.

      You can use the website below to check if your email was part of some data breach & your email/password combination is potentially compromised:
      https://haveibeenpwned.com/

      My Apple account also got hacked & my balance emptied, because of reusing passwords.

      The way it happened was that I had used the same email/password combination on another gaming website, which got hacked. The database of passwords from these hacked websites then typically gets sold on the Darkweb.

      The hacker (from Hong Kong) got hold of the database, and then tried the email/password combination on my Apple account, and then got in, changed the email to his own & emptied my balance.

      I started using Lastpass after that.

      • T59047 on 17/06/2020 - 12:56

        I am using Lastpass all along. Just checked using the website above, I used a same password for a site (datacamp.com) that was breached a while back. I guess there is how the password got hacked.

  • Pecan on 17/06/2020 - 10:56
    +1

    Lesson learned - secure your account properly. You tried asking for reimbursement (which is all you can do) and it got turned down, so be it.

    $50 is not a lot in the grand scheme of things. I hope the credit is the only thing they took - I would be more concerned about other info they could have stolen from accessing your account.

    • vikvance on 17/06/2020 - 11:13

      I would be more concerned about other info they could have stolen from accessing your account.

      It's more that any website where OP has used the same email/password combination can now potentially also be hacked.

      • Pecan on 17/06/2020 - 11:18

        Of course. Assuming this was the case here, op doesn’t say either way.

  • ihbh on 17/06/2020 - 11:29
    +1

    If someone broke into your home and stole some money (Aussie dollars), would you expect the Government to refund you?

  • whooah1979 on 17/06/2020 - 11:44
    +1

    made in different IP, different geo location,

    People can appear to log in from anywhere in the world thanks to VPN.

    Is there any way I could escalate this as an Australian consumer?

    ACT fair trading doesn't have the power to force Apple to issue a refund. Apple isn't responsible for their users choice of passwords.

  • WreckTangle on 17/06/2020 - 22:20
    +1

    I’m an Apple fanboy but this seems like a poor response from Apple

    • skido on 17/06/2020 - 22:27
      -2

      well, someone (the sender) could've given their Apple ID details to a family member/friend (the receiver) in another country, and the receiver could've purchased multiple things on the sender's account, and then the sender could've claimed "I've been hacked."

      would you expect Apple to refund the sender in this case?

    • T59047 on 17/06/2020 - 22:28

      Yeah same here. Hence the disappointment.

Login or Join to leave a comment
Login Join