Yesterday Media Reported a regular phenomenon that affects users of iTunes, hacking of their account.
The result is always the same. After finding username and password of the user, hackers use the account to buy apps or make purchases in-App.
The big question is how the pirates recover these passwords. Time was discussed in some media of a security flaw in Apple, but things seem unlikely given that these waves of piracy were never of great magnitude.
We assume however that these hacks are linked to other thefts of customer files either from Sony last year or recently in Steam through other less visible or unreported by companies. But often people use the same password for many services when they are not all online services. Hackers can then test these usernames and password on many sites, and millions of stolen cards they always find account valid and usable.
It is therefore important to advise users to think about having passwords unique for each service, especially when the identifier comes down to their email address. This should be systematic, even if you use them for services sometimes minor and of no commercial value. This is inevitably less convenient than having always the same, but the price to be as quiet as possible.