Stolen Apple IDs used in string of digital payment thefts in China, says report | Cyber Security
The iPhone maker on Tuesday said it found a “small number of our users’ accounts” had been accessed through phishing scams. “We’re deeply apologetic about the inconvenience caused to our customers by these phishing scams,” Apple said in a Chinese-language statement, according to The Wall Street Journal.
Apple didn’t immediately respond to CNET’s request for further comment.
Popular Chinese e-transaction giants Alipay and Tencent Holdings warned users last week that hackers used hijacked Apple IDs to steal cash from customers’ accounts, according to a Bloomberg report. It’s unclear how much the hackers stole.
Apple on Tuesday said victims of the scam hadn’t enabled two-factor authentication, according to the Journal. The company reportedly didn’t reveal how hackers got their hands on the users’ Apple IDs and passwords but said people should turn on two-factor authentication — which requires users to enter a code after putting in a password — to further protect their accounts.
Alipay said in a blog post last week that it was working with Apple to figure out how the hackers got in. The company warned that customers may be vulnerable to theft if they’ve linked their Apple IDs to Alipay accounts, WeChat Pay or credit cards. Alipay suggested users lower their transaction limits to prevent large amounts of money from being stolen.
Tencent, which developed the popular chat app WeChat, reportedly said it had also contacted Apple. It advised users to safeguard their Apple ID. WeChat has more than a billion users worldwide and can be used to pay for basically anything in China.
Alipay operates under Ant Financial, which is controlled by Jack Ma, the billionaire co-founder of e-commerce giant Alibaba.
Alipay and Tencent Holdings didn’t respond to requests for comment.