Apple Learning Interchange: Security Compromise
Apple is apparently alerting ALI forum members that Learning Interchange account passwords have been compromised. In a message forwarded to us by several TUAW readers, Apple warns that members who commonly use the same credentials on multiple sites may be at risk. If you are an ALI account user, please consider updating any accounts that use identical credentials. Here is the Apple quote that was sent to us. We recently learned that the security of Apple Learning Interchange (ALI) members' names and passwords may have been compromised. These accounts are limited to accessing the ALI discussion board and do not contain sensitive information such as credit card or social security numbers.
While ALI member names and passwords are not linked to your Apple ID, our records indicate that your ALI member name and Apple ID are the same. For this reason we strongly recommend that you change your Apple ID password as well as any others that might have the same name and password combination.
At the time of posting, the ALI site (also linked to in the Source link) is unavailable. We do not have confirmation from Apple about this situation, although we have contacted them for a statement.
Share
Apple is apparently alerting ALI forum members that Learning Interchange account passwords have been compromised. In a message forwarded to...
Add a Comment
I thought that the /etc/password file only contained the hash of each user password. So, even the webmaster or root cannot see your password, but the authentication algorithm can verify your entered password with the hash.
Were they using MD5?
As far as I know the only place you can procure official Apple gear is from their company store in Cupertino.
http://www.apple.com/companystore/
I recently had my Apple ID hijacked when I joined the iPhone Dev Center. I was asked to log in with my username & password for the Apple Dev Center, which of course your my Apple ID.
Within an hour or two, someone logged into iTunes changed my username & password, locking me out. They also bought two $50.00 iTunes Gift Certificates.
Being that Apple doesn't have 24 hr customer service I couldn't straighten it out until the next day.
There are many ways, someone can either change a password on an account. There is even a simple web eMail form where you can just ask to have it done. But no one has told me yet how it was changed. I want to know how this person got my info by joining one of the Apple Dev Connections?
This has Apple ID hijacking has been going on for years, and Apple has done nothing about it.
I documented the whole thing on my blog, if anyone is interested.
http://is.gd/1lJ0U
Erica - Where can we cop that sweet hoodie in the pic?
July 03 2009 at 5:50 AM Report abuse Permalink rate up rate down ReplyWell that's why I use 1Password. I can create a new password for every site I visit but only every have to type in my master password. One password to rule them all.
July 03 2009 at 12:39 AM Report abuse Permalink rate up rate down ReplyWhere can I get the Apple sweatshirt in the photograph? It looks sweet.
July 03 2009 at 12:24 AM Report abuse Permalink rate up rate down Reply+1 would love one of those!
July 03 2009 at 7:24 AM Report abuse Permalink rate up rate down ReplyStore Hours:
Monday - Friday 10:00 a.m. to 5:30 p.m.
Phone: (408) 974-5050
Deals of the Day
more deals- Used Apple iPad 64GB WiFi + 3G for $240 + free shipping
- AviiQ Portable USB Charging Station with cable rack for $54 + $8 s&h
- Dual USB Car Charger Adapter for $2 + free shipping
- Skullcandy 50/50 Earbuds for $25 + free shipping
- Monster Beats by Dr. Dre iBeats Earbuds for $39 + free shipping
- USB Data Charger Cable for iPhone / iPod 3-Pack for $2 + free shipping
Software Updates
more updatesFeatured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
9 Comments