Apple Apologizes After Stolen Apple ID Credentials Aided in Phishing Attack in China

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, Oct 16, 2018.

  1. MacRumors macrumors bot


    Apr 12, 2001

    Apple has formally apologized to users in China over the hacking of some Chinese accounts in a series of phishing scams that hit the country last week. The successful phishing attacks used stolen Apple IDs to gain access to customer funds, leading to "a small number of...users' accounts" being accessed through these scams (via The Wall Street Journal).


    In a statement shared in China today, Apple said: "We are deeply apologetic about the inconvenience caused to our customers by these phishing scams."

    When news of the incident emerged last week, Chinese mobile payment companies Alipay and WeChat reported that hackers were able to take an unknown amount of money from accounts using stolen Apple IDs. Some users were said to have lost up to 2,000 yuan ($288) following the breach.

    According to Apple's new statement, these victims had not enabled two-factor authentication, making it easier for the hackers to gain access to their accounts. Apple didn't confirm how many users were affected in China, how much money was stolen in total, or how the hackers gained access to the Apple IDs in question. The company encouraged all users to enable two-factor authentication on their accounts to ensure further security protections are in place.

    China remains important to Apple's overseas expansion plans, but the company has faced numerous speed bumps in this regard over the years. In 2018, Apple moved Chinese iCloud data to state-owned China Telecom, which brought up user privacy concerns; faced an issue with an overabundance of illegal gambling apps on the Chinese iOS App Store; and is now attempting to clamp down on iMessage spam in the country.

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: Apple Apologizes After Stolen Apple ID Credentials Aided in Phishing Attack in China
  2. markfc macrumors 6502a


    Sep 18, 2006
    Prestatyn, Wales, UK
    What are Apple apologising for?
    Not forcing 2FA?
  3. Omega Mac macrumors 6502

    Aug 16, 2013
    It seems like everyday for almost two week US tech giants are having to scramble to deal with bad-news stories emanating from their operations and dealings with China.

    Nothing to see here of course. :rolleyes:
  4. AngerDanger, Oct 16, 2018
    Last edited: Oct 16, 2018

    AngerDanger macrumors 601


    Dec 9, 2008
    I hate the blind defense of Apple some MR users provide, but this… really doesn’t seem like Apple’s fault.

    1. This wasn't much of a "hack" if the users had to give their info to services not actually hosted by Apple.
    2. Apple provides two-factor-authenticaltion as a means to reduce your risk of giving this information over.
  5. iapplelove macrumors 601


    Nov 22, 2011
    East Coast USA
    Just curious why this is in the political and social forums?
  6. Mac Fly (film), Oct 16, 2018
    Last edited: Oct 16, 2018

    Mac Fly (film) macrumors 65816

    Mac Fly (film)

    Feb 12, 2006
    It’s called being a responsible actor. It is Apple’s job to help protect their users. Yes, they didn’t have to, but it’s a nice gesture that they did.
  7. keysofanxiety macrumors G3


    Nov 23, 2011
    Did you read the article or just see “China” in the title and filled in the blanks?
  8. ArtOfWarfare macrumors G3


    Nov 26, 2007
    Because this is about Apple kowtowing to China.

    Idiots in China declined two factor authentication, then fell for a phishing attack, and so they lost money. It's hard to say it's Apple's fault here, but rather than defend themselves, Apple is just jumping straight to apologizing.
  9. Mac Fly (film) macrumors 65816

    Mac Fly (film)

    Feb 12, 2006
    Could be unconscious racism. No doubt the mods will tell me off for pointing to a likely truth here.
  10. Lershac macrumors regular

    Feb 21, 2008
    Baton Rouge, LA USA
    It’s also a big cultural thing in China... a lot can be forgiven if an apology is forthcoming.... not like here in the USA where an apology is an admission of guilt and an invitation for lawsuits.
  11. ronntaylor macrumors regular


    Jan 16, 2004
    Flushing, New York
    Any mention of China gets some frothing at the mouth.
  12. bstpierre macrumors 6502a

    Mar 28, 2008
    This reminds me of the time my wife's iTunes gift card balance was wiped out through the purchase of Chinese apps. Apple did nothing for us.
  13. max.ine macrumors regular


    Aug 16, 2016
    I agree that they have nothing to apologise for, but ignoring it completely would be bad PR, which is probably the reason why.

    Hopefully Apple does start enforcing 2FA so we see fewer cases like these.
  14. TheShadowKnows! macrumors 6502a


    Sep 30, 2014
    National Capital Region
    After reading Apple "negative" statements (either disclaimers, or repair announcements, or ...) the canonical "only a few", or a "a small number of..." gets tagged-on by default.

    It is almost like Apple's Pages app (if that is what they use, and not MS Word) has the metakey [COMAND]U key-pair mapped to either prepositional phrase./s
  15. szw-mapple fan macrumors 65816

    szw-mapple fan

    Jul 28, 2012
    A lot of users are not on 2FA because that’s still an option Apple offers. If the option exists, Apple should be responsible for protecting user data even when 2FA is not enabled.
  16. Defthand macrumors 65816

    Sep 1, 2010
    Apple is an obvious cherry picker when it comes to divulging stats. If a new processor improves a task speed from 4 seconds to 2 seconds, it’s “twice as fast”! If 2 million of their 250 million customers has a defective device, it is “an insignificant number”. Of course, we’ll never know the number of customers impacted by something negative, unlike when other tech companies are asked. And this is worrying for a company that routinely touts numbers when they brag.
  17. EdT macrumors 68000


    Mar 11, 2007
    Omaha, NE
    Because China. It’s kind of been in US political news recently, especially when linked to technology companies.
  18. BornAgainMac macrumors 603


    Feb 4, 2004
    Florida Resident
    Why did this have to be labeled? An attack on some Apple customers happened and Apple apologized.
  19. gnasher729 macrumors P6


    Nov 25, 2005
    Putting your seatbelt on while driving is optional as well.
  20. Capeto macrumors regular


    Jul 9, 2015
    I wonder if China can tell Apple to make their services stronger and better, that way it would actually get done.
  21. Kabeyun macrumors 68020


    Mar 27, 2004
    Eastern USA
    His link is to QAnon material, so there’s your answer.
    --- Post Merged, Oct 16, 2018 ---
    Apple did, without Mommy China. The users chose not to enable 2FA, and to click on an email bait link. They paid with a measly $288 and no identity theft (afawk). If they learned their lessons, I’d call it a good deal.
  22. cfurlin macrumors 6502


    Jun 14, 2011
    Apologize to the people of China, not China.

    I wouldn’t be surprised to learn it’s their own government doing the hacking.
  23. BC2009 macrumors 68000


    Jul 1, 2009
    Yup. When this happens in the USA there is no apology and rightfully so. Apple would be at fault here if they did NOT offer 2FA. But they offer it and the user has the option to use it.

    Definitely cultural. It’s a big reason why Trump is facing difficulty getting China to bow down even when tariffs will affect China 10 times worse than they affect the USA. There is a certain level of pride you are dealing with and the apology allows those who were too lazy to use 2FA to save face. Trump needs to find a way for China’s leaders to renegotiate trade while saving face - he probably knows this as he has negotiated more business deals than I ever will.

    If you are saying that 2FA should be forced then you are being naive. Apple’s devices are used by people who could never manage 2FA. We are not talking about AWS here where the user base is all highly technical.

    Forcing 2FA would be like a front door lock that always automatically locked when you closed the door. People need freedom to choose but it also makes them accountable for that choice.
  24. Ries macrumors 68020

    Apr 21, 2007
    Someone tell china to ask about the XS LTE/wifi issues. They seem to get a response.
  25. keysofanxiety macrumors G3


    Nov 23, 2011
    Really?! It's illegal in the UK.

Share This Page

80 October 16, 2018