Apple Apologizes After Stolen Apple ID Credentials Aided in Phishing Attack in China
Apple has formally apologized to users in China over the hacking of some Chinese accounts in a series of phishing scams that hit the country last week. The successful phishing attacks used stolen Apple IDs to gain access to customer funds, leading to "a small number of...users' accounts" being accessed through these scams (via The Wall Street Journal).
In a statement shared in China today, Apple said: "We are deeply apologetic about the inconvenience caused to our customers by these phishing scams."
When news of the incident emerged last week, Chinese mobile payment companies Alipay and WeChat reported that hackers were able to take an unknown amount of money from accounts using stolen Apple IDs. Some users were said to have lost up to 2,000 yuan ($288) following the breach.
According to Apple's new statement, these victims had not enabled two-factor authentication, making it easier for the hackers to gain access to their accounts. Apple didn't confirm how many users were affected in China, how much money was stolen in total, or how the hackers gained access to the Apple IDs in question. The company encouraged all users to enable two-factor authentication on their accounts to ensure further security protections are in place.
China remains important to Apple's overseas expansion plans, but the company has faced numerous speed bumps in this regard over the years. In 2018, Apple moved Chinese iCloud data to state-owned China Telecom, which brought up user privacy concerns; faced an issue with an overabundance of illegal gambling apps on the Chinese iOS App Store; and is now attempting to clamp down on iMessage spam in the country.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Top Rated Comments
Not forcing 2FA?
1. This wasn't much of a "hack" if the users had to give their info to services not actually hosted by Apple.
2. Apple provides two-factor-authenticaltion as a means to reduce your risk of giving this information over.
Nothing to see here of course. ('https://qmap.pub') :rolleyes: