Motherboard Forums


Reply
Thread Tools Display Modes

Compromised Apple ID ?

 
 
JF Mezei
Guest
Posts: n/a
 
      02-26-2012, 05:57 AM
Tried to access some apple services today only to be told that my ID had
been suspended for securuty reasons.

Had to change the password.

According to the FAQ on the password change web site, it is apparently
because someoe tried to access my account to many times.

Just curious if others experienced this recently or if I would have some
targeting this at a very narrow group of users ?

I take it it is impossible for us to get logs of those attempts to find
out where they came from ? (or when they were made) ?
 
Reply With Quote
 
 
 
 
Richard Maine
Guest
Posts: n/a
 
      02-26-2012, 07:54 AM
JF Mezei <(E-Mail Removed)> wrote:

> Tried to access some apple services today only to be told that my ID had
> been suspended for securuty reasons.
>
> Had to change the password.
>
> According to the FAQ on the password change web site, it is apparently
> because someoe tried to access my account to many times.
>
> Just curious if others experienced this recently or if I would have some
> targeting this at a very narrow group of users ?
>
> I take it it is impossible for us to get logs of those attempts to find
> out where they came from ? (or when they were made) ?


I get notifications of attempts to change my password quite often,
always accompanied by an assurance "not to worry" if it wasn't me. Looks
like the last one was... let's see... 9 days ago, and one 3 days before
that, another 15 days before that, etc. That's just one of the many,
many reasons I greatly dislike the App store (and I make sure that it
does not have any valid credit card data for me).

A few years ago, my id was disabled for too many attempts. I just made a
new id, that being before the App store. I remember wondering why anyone
was bothering. At the time, the id had no real value at all: no money,
licenses, personal data (well, none that was real), or anything you'd
think anyone would care about. Just an easily created and easily
abandoned id tha I needed to download free developer stuff on fairly
rare occasion. But I still got people trying to access it regularly.

--
Richard Maine | Good judgment comes from experience;
email: last name at domain . net | experience comes from bad judgment.
domain: summertriangle | -- Mark Twain
 
Reply With Quote
 
 
 
 
JF Mezei
Guest
Posts: n/a
 
      02-26-2012, 08:50 AM
Richard Maine wrote:

> I get notifications of attempts to change my password quite often,
> always accompanied by an assurance "not to worry" if it wasn't me.



I've had an Apple ID for years and this was the first time I got such a
problem. But if this is supposed to be common, then I know it wasn't
targetted especially at me.


Perhaps it wasn't so smart for Apple to use an email address as username.
 
Reply With Quote
 
Alan Browne
Guest
Posts: n/a
 
      02-26-2012, 02:12 PM
On 2012-02-26 00:57 , JF Mezei wrote:
> Tried to access some apple services today only to be told that my ID had
> been suspended for securuty reasons.
>
> Had to change the password.
>
> According to the FAQ on the password change web site, it is apparently
> because someoe tried to access my account to many times.


Damn! They're on my trail!
Damn.

Sorry about that - next time I'll try not to break in too many times.

> Just curious if others experienced this recently or if I would have some
> targeting this at a very narrow group of users ?


English please.

> I take it it is impossible for us to get logs of those attempts to find
> out where they came from ? (or when they were made) ?


Ask Apple (you should have a pretty good idea where that will go.

They won't release logs because for all they know *you* (the requestor)
were also the person "testing" the defenses and the logs may reveal
something about their defenses. And sanitizing the logs is just too
much to ask for and would, in any case, render them useless to you as well.

--
"I was gratified to be able to answer promptly, and I did.
I said I didn't know."
-Samuel Clemens.
 
Reply With Quote
 
Paul Sture
Guest
Posts: n/a
 
      02-26-2012, 02:15 PM
On Sun, 26 Feb 2012 03:50:59 -0500, JF Mezei wrote:

> Richard Maine wrote:
>
>> I get notifications of attempts to change my password quite often,
>> always accompanied by an assurance "not to worry" if it wasn't me.

>
>
> I've had an Apple ID for years and this was the first time I got such a
> problem. But if this is supposed to be common, then I know it wasn't
> targetted especially at me.
>
>
> Perhaps it wasn't so smart for Apple to use an email address as
> username.


There are plenty of systems out there which use the email address as the
username. Perhaps Apple is doing you a favour by reporting failed login
attempts where the other services don't?

It's my guess that someone is hoping to come across a paid version of an
Apple Developer account, and the download goodies such as the Mountain
Lion preview that you can get with one of those.



--
Paul Sture
 
Reply With Quote
 
Alan Browne
Guest
Posts: n/a
 
      02-26-2012, 02:17 PM
On 2012-02-26 03:50 , JF Mezei wrote:
> Richard Maine wrote:
>
>> I get notifications of attempts to change my password quite often,
>> always accompanied by an assurance "not to worry" if it wasn't me.

>
>
> I've had an Apple ID for years and this was the first time I got such a
> problem. But if this is supposed to be common, then I know it wasn't
> targetted especially at me.
>
>
> Perhaps it wasn't so smart for Apple to use an email address as username.


It also points to an organized attack using lists that are widely available.

I use a relatively strong pw for sites like that, but I think I'll
increase the PW entropy a notch.

--
"I was gratified to be able to answer promptly, and I did.
I said I didn't know."
-Samuel Clemens.
 
Reply With Quote
 
Michelle Steiner
Guest
Posts: n/a
 
      02-26-2012, 04:30 PM
In article <1kg1olx.gjigqf1p09v2N%(E-Mail Removed)>,
(E-Mail Removed)ure (Richard Maine) wrote:

> I get notifications of attempts to change my password quite often,
> always accompanied by an assurance "not to worry" if it wasn't me. Looks
> like the last one was... let's see... 9 days ago, and one 3 days before
> that, another 15 days before that, etc. That's just one of the many,
> many reasons I greatly dislike the App store (and I make sure that it
> does not have any valid credit card data for me).


You don't like it because it is secure enough to keep strangers from
accessing your account?

-- Michelle

--
Tea Party Patriots is to Patriotism as
People's Democratic Republic is to Democracy.
 
Reply With Quote
 
Michelle Steiner
Guest
Posts: n/a
 
      02-26-2012, 04:31 PM
In article <4f49f273$0$20224$c3e8da3$(E-Mail Removed) om>,
JF Mezei <(E-Mail Removed)> wrote:

> > I get notifications of attempts to change my password quite often,
> > always accompanied by an assurance "not to worry" if it wasn't me.

>
> I've had an Apple ID for years and this was the first time I got such a
> problem. But if this is supposed to be common, then I know it wasn't
> targetted especially at me.


I have never had it happen to me, and I've had that Apple ID for longer
than I can remember.

--
Tea Party Patriots is to Patriotism as
People's Democratic Republic is to Democracy.
 
Reply With Quote
 
Wes Groleau
Guest
Posts: n/a
 
      02-26-2012, 06:49 PM
On 02-26-2012 03:50, JF Mezei wrote:
> Richard Maine wrote:
>> I get notifications of attempts to change my password quite often,
>> always accompanied by an assurance "not to worry" if it wasn't me.

>
> I've had an Apple ID for years and this was the first time I got such a
> problem. But if this is supposed to be common, then I know it wasn't
> targetted especially at me.


I've had one for over ten years and have never received such a warning.
So maybe some somewhere doesn't like Richard. Or thinks Richard has
something worth hacking for.

> Perhaps it wasn't so smart for Apple to use an email address as username.


Whenever (often) some outfit wants e-mail address to double as login, I
always create a new one and never use it for anything else.

Send one e-mail to a Windows user (or have someone else forward one of
yours to a Windows user, and the viruses and spammers begin spreading
that address everywhere.

--
Wes Groleau

Heroes, Heritage, and History
http://UniGen.us/webtrees

 
Reply With Quote
 
Alan Browne
Guest
Posts: n/a
 
      02-26-2012, 06:58 PM
On 2012-02-26 13:49 , Wes Groleau wrote:

> Whenever (often) some outfit wants e-mail address to double as login, I
> always create a new one and never use it for anything else.
>
> Send one e-mail to a Windows user (or have someone else forward one of
> yours to a Windows user, and the viruses and spammers begin spreading
> that address everywhere.


I use one particular e-mail address for login signups. (with a few
exceptions).

Appropriately it is (E-Mail Removed)

I log in there only to finish a new account sign up. I ignore whatever
else is there.

--
"I was gratified to be able to answer promptly, and I did.
I said I didn't know."
-Samuel Clemens.
 
Reply With Quote
 
 
 
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Has your credit card number been compromised? Michelle Steiner Apple 115 05-08-2012 03:27 AM
Investigating possibly compromised laptop JF Mezei Apple 23 05-02-2011 01:06 AM
Apple Toner, Apple Ink Cartridges, Apple Ribbons Jacobs HP 0 07-16-2010 09:38 AM
Apple-Q versus Apple-W is hard for beginners Markus Dehmann Apple 43 01-03-2006 08:05 AM
Apple WILL move to Intell: How long before the Apple hizark21@yahoo.com PC Hardware 18 08-09-2005 03:13 AM


All times are GMT. The time now is 11:54 PM.


Welcome!
Welcome to Motherboard Point
 

Advertisment