|
|
Freeverse, Inc.'s SOUND STUDIO 3.5.5 - Sound Studio is for anyone
who needs to record or edit audio with a professional tool, but at
a consumer price. Perfect for Podcasts, Music, More! Now updated
for OS X 10.5 Leopard. <http://www.freeverse.com/soundstudio>
|
![[F]](/Images/i7/site.gif)
TidBITS 
TidBITS TidBITS Talk
.Mac security question: security question & birthday were reset
![[christinestinson]](/webx/?30@@1)
christinestinson - 11:01am Jul 5, 2006 PSTYesterday I had 3 separate unauthorized downloads of music from my iTunes account. When I looked at my iTunes and .Mac account security settings, I discovered that my security question/answer and birthday had been reset (to "what is your pet's name" with the answer "vinyl" and "25 April", neither of which is remotely correct for me).
I have changed my password, security questions, etc. and cancelled my iTunes-affiliated credit card.
How could this have happened? Are these any invasive files on my Macintosh computers that I should search for and delete to keep this from happening again? If someone has access to my .Mac/iTunes account, why would they reset my security question/answer and birthday?
I am very careful not to open email attachments from people I don't know, etc.
(If this isn't the appropriate forum for this question, can you suggest an alternative forum?)
Thank you!
Christine Stinson
|
|
Re: .Mac security question: security question & birthday were reset
On Jul 5, 2006, at 11:01 AM, christinestinson wrote:
> Yesterday I had 3 separate unauthorized downloads of music from my
> iTunes account. When I looked at my iTunes and .Mac account
> security settings, I discovered that my security question/answer
> and birthday had been reset (to "what is your pet's name" with the
> answer "vinyl" and "25 April", neither of which is remotely correct
> for me).
A few suggestions,
There are a number of ways this info could have been compromised,
without a full forensic investigation narrowing down the exact source
might be difficult. This might not be the result of a system
compromise. Anyone else have access to the account? Were any
purchases made?
Before starting any of this make a full backup onto an external
drive. I've been using SuperDuper lately.
I first suggest you run a virus scan of your system. You have access
to Virex as part of .Mac. I don't really like it because it's so
intrusive, but you can install it, run it, then clean it off with
something like App Zapper when you're done. ClamXAV is less intrusive
and probably a better place to start, but if it doesn't find anything
you might still want to run Virex. If you are technically inclined
you can also run Little Snitch to see what applications are sending
data out to the Internet, possibly helping you discover any backdoor.
If you have access to 2 macs you can install AV on one system, then
boot your suspect machine into target disk mode and run the AV
against it.
Also, have you accessed .Mac from any Windows systems? That could be
the problem.
If you really do suspect a compromise make sure you don't have
anything on your iDisk that might cause problems for you. Do you
Backup to iDisk? Any sensitive files like Quicken in there?
-rm
|
|
|
TidBITS TidBITS TidBITS Talk .Mac security question: security question & birthday were reset
