Friend’s Apple ID Used as a Vector for Credit Card Fraud

A friend’s Apple ID was compromised and used to purchase an iTunes Gift Card with someone else’s credit card. Here’s how it happened: in March, her Apple ID was accessed by an attacker and her name, address, phone number, and credit card were changed. Twenty-four hours later the attacker purchased a $20 iTunes gift card. Four days later, Apple failed to charge her Apple Music subscription to the stolen credit card – the credit card had been canceled.

This all came to light four months later when I was called in to troubleshoot why she couldn’t make purchases in iTunes. We have since changed her iTunes password and turned on two-factor authentication. We also verified the devices logged in to her Apple ID account were known good devices.