1080p: Er, how did they gain access your Apple account exactly? That hack released the Apple iPhone UDID list. Not your password or any other personal information.
"As proof, the hackers released a stripped-down version of that file that only contained 1 million UDIDs, with associated Apple Push Notification Service tokens and device names. The other personal data that accompanied many of the UDIDs was intentionally removed, the hackers said."
I strongly believe this hack and your account compromise are completely unrelated.
keewee01: So it looks like these little w@nk5r$ used the stolen details to download a free game from iTunes and to then make an in game purchase of $24.99. Great security Apple! And even better security FBI - why were the FBI in possession of my account details in the first place!?????????
Game developer association of private personal details with UUID has been known for some time as a security problem. Bad idea from the beginning. Major game developers were unwilling to change this architecture. Some did work to mitigate the extent of the problem without changing the basic architecture. Apple began to discourage the UUID association practice a little while ago, deprecated the API, but it still can be and is widely used by game developers.
For keewee01 it is very likely the attackers first compromised the game account using the UUID {and} from there obtained enough further information to compromise the iTunes account. There are other possibilities to go forward after the {and} depending on how bad things were at the game end of things.
So, end of the story - very likely the game was compromised first and then {if at all - perhaps not necessary} iTunes account compromised as a result of information obtained from game account.
It follows from the above - resetting your iTunes password may make no difference to the attack vector.
In these circumstances it is not surprising to me Apple has disabled an account completely.
Trusted
Orcon
... 
