updated 09:35 am EDT, Wed July 7, 2010
Claims iTunes servers not compromised
Only a small percentage of iTunes accounts were exposed in the recent fraud incident involving e-book apps submitted by Thuat Nguyen, Apple now claims. The company tells Fox's Clayton Morris that approximately 400 people were affected. It also insists that iTunes servers were not compromised, though it has not offered an alternative explanation for the data leak.
As a countermeasure, Apple says it will now require people to enter their credit card's CCV code more frequently for purchases. Those affected by Nguyen's actions were charged for the app downloads, often at a cost of $5 apiece. Apple suggests that if a person's iTunes account is hijacked, the best response is to change the password, and ask the credit card company to cancel the card and issue a chargeback.
Shortly before Nguyen's fraud was discovered, Apple is noted to have begun searching for a full-time "iTunes fraud prevention specialist." The person would be based in Austin, Texas, and among other things require "excellent analytical skills and extensive knowledge of best practices for WW order excpetion management." The timing of the posting may imply that Apple was increasingly concerned about fraud even prior to the Nguyen incident.