Help! My Apple Account Was Hacked

Have you ever had any of your accounts hacked?  I have only had had it happen once before, and it was an awful experience.  It was a Facebook page I managed for my job, and we had over 500K followers.  Someone hacked in and started posting very offensive pornographic photos.  Luckily, I was able to detect the invasion within half an hour and changed my password immediately.  This stopped the hack and I was able to delete the offensive posts.

But, last night my Apple iTunes account was hacked and someone downloaded $245 worth of apps/tv shows/movies!!

pexels-photo-97077.jpeg

You've been hacked.

True story, this happened last night.  An email from the apple at 9:17 pm last night that said,

Your Apple ID  was used to sign in to iCloud on a Windows PC.Date and Time: March 7, 2017, 8:17 PM PST Operating System: WindowsIf the information above looks familiar, you can disregard this email
— Apple

Reflecting on this now, I remember thinking "I didn't login on my computer...." but I did nothing about it.  I got a 2nd email about 30 minutes later confirming that the new episode of of my favourite TV show This Is Us was now available on my Apple TV.  "That makes sense now, that is probably what it was"

Except it wasn't.  When I woke up this morning I had 4 more emails from Apple.  This time saying I had added someone to my family sharing plan, named Jingsan.  

The other emails were all receipts for the purchases the hacker made using my account totally $245!!

This is what I did next, and what you can do too if you ever have this happen: 

1. Change Your Password. Go to the Apple ID login page, and change your password in the Security settings of your account. Be sure to select a strong passwords  (minimum of 8 characters) combine uppercase and lowercase letters, numbers and other symbols.  I get that this is a pain to keep track of all the complex passwords you must have, but trust me, it is necessary.

2. Check what devices you have connected to your account. All the devices will be listed under the Device section of your account. If you see one that you do not recognize, click Remove, and this will automatically sign that device out of your account. 

3. Confirm that all of your personal details are accurate and have not been changed. 

Keep scrolling down on that same settings page to find the Account section. Be sure to review all the information in this section very carefully to see if any new phone numbers or email addresses have been added to the account. If they have, remove them immediately by clicking the Edit button on the far right side of the screen. 

4. Check your purchase history. This is where I discovered the purchases I had not made.  I reported each of them immediately by clicking "report a problem" next to the item 

I also contacted an Apple representative on my desktop computer using their chat function. Within 15 minutes, the situation was resolved, my account was refunded and the hacker no longer had access to my account.

Has this ever happened to you?  I would love to hear your story and how you managed it.

Learn more about what Apple says about security and your Apple ID here.