Massachusetts Attorney General, Victim of iTunes Fraud

chicksdaddy writes "Massachusetts Attorney General Martha Coakley said on Tuesday that her office would be inquiring into long-standing complaints about fraudulent purchases that leverage Apple's popular online music store. Coakley was herself a victim of identity theft in recent months, telling the audience that her stolen credit card information was used to make fraudulent iTunes purchases. When asked (by a Threatpost reporter) about whether such fraud constitutes a reportable event under the Bay State's strict data breach notification law, 201 CMR 17, Coakley said that her office would be looking into that question and demanding answers from Cupertino, which has steadfastly refused to respond to media requests regarding user reports about fraudulent iTunes purchases, and which has not reported the breaches to Massachusetts regulators."

Obviously

Only now that she was affected does she look into it. It didn't matter that everyone else was.

Re:Obviously

[SmurfButcher+Bob]

Well, she has to make certain she wasn't holding the card wrong.

Re:Obviously

[msauve]

She has to look into it because iPods are scary. They have batteries and wires in them!

Re:Obviously

[Xacid]

If that's the case then I suppose I'll stop being okay with wars when I'm drafted into one then. Or have a bomb dropped on me.

Re:Obviously

[hey!]

OK, I'm a liberal, so I've can't let that pass. Liberals care about lots of things that don't affect them -- drowning polar bears, leaking nuclear waste a thousand years from now, educating the offspring of undocumented immigrants. Just don't ask us to do anything about them. We've signed the petition, so we've done our part.

I'll fight any injustice, so long as all I have to do is blog about it.

Could be the only way to get the law changed

[SleazyRidr]

Attack the Attornies General so they realise how the real world works and kick up enough stink to get the laws we need.

This isn't going to end well.

[PeanutButterBreath]

Some day she is going to find herself wishing that she just admitted to her IT guy that she likes the Jonas Brothers and downloaded those tracks herself rather than letting this fraud story spiral out of control.

Or. . .

[PeanutButterBreath]

. . .she will use her uncommon influence to resolve her own problem and thus conclude that the legal system works "as-is".

Im confused

[Altus]

I could see, if her identity was stolen from the records that apple has, how the new laws would apply to Apple. But her identity was stolen from elsewhere and then her credit card used to purchase stuff from Apple. I can't really see how Apple has anything to do with it. Would you go after Shell if someone used a stolen card to buy some gas?

Sure, dell stopped the purchase of a multi hundred dollar computer, but should Apple have to check ever 99 cent transaction? I don't even have to sign receipts most places if the total is under 20 bucks. If she canceled the card, isn't that her banks fault?

The data breach laws seem like a good thing, its important that Apple and others protect information about their customers against theft, but her identity was stolen during a ski trip to New Hampshire. That doesn't seem like it has anything to do at all with Apple or iTunes.

Re:Im confused

[oboylet]

This happened to me as well. A series of mysterious iTunes charges popped up all over my CC statement, totaling hundreds of dollars. The charges all show up as "1800-APPLE-XYZ" or some such. Call up that number, and there's a recording that refers you to itunes.com/cc (or whatever). On that site, it refers you to the useless 1800 number. When I contacted my credit card's fraud hotline they said they had been having all sorts of problems with fraudulent charges at iTunes. Mysterious charges, and they (Chase) could get no answers from Apple. Since Apple wouldn't reverse the charges, I had to file a fraud claim, and get a new card. A big hassle for me. By the way, this was in the Spring of 2010. IANAL, but if there is a history of fraudulent activity and the vendor has ignored it, then yes, I'd say they have some responsibility "to check every 99 cent transaction."

Does it even fall under the data breach laws?

[Richard_at_work]

Apple maintain the position that it is end users that are being compromised, and not their servers - so why should they need to report anything if there is no evidence to the contrary?

Breach by Apple???

[superdave80]

...her stolen credit card information was used to make fraudulent iTunes purchases. When asked (by Threatpost) about whether such fraud constitutes a reportable event under the Bay State's strict data breach notification law, Coakley said that her office would be looking into that question and demanding answers from Cupertino,...

Huh? How is this a 'breach' by Apple? Her credit card was stolen by somebody, and then used to buy something from iTunes. Apple wasn't hacked into; they processed what looked to be a valid credit card transaction.

The Apple fan boi

[geekoid]

and apologists are out early.

"Informed of the well documented pattern of fraud through iTunes, in which stolen credit cards or bogus iTunes gift cards are matched with compromised iTunes accounts and used to purchase merchandise, Coakley said she wasn't aware of the larger pattern, but that it could be a reportable offense under the State's data privacy law. She promised her office would be contacting Apple for more information that very afternoon - a statement that received hearty applause from the audience."

Apple is being compromised, Apple hasn't reported as required.

Apple seems to be in the wrong here in that the have violated MA privacy laws.

Re:But

[cheater512]

Yeah. Who buys their daughter a $1,700 computer when a $400 one will more than suffice?