As if the recent imbroglio between Apple and China was not enough, Ma must take care of another problem that appeared in the country, in which data of Apple IDs of company customers were used by criminals to steal money from accounts linked to the AliPay (from Alibaba) and with WeChat Pay (from Tencent) are the two largest Chinese mobile payment services.
Both online payment companies have confirmed that several of their customers have been the target of fraudulent purchases. AliPay has published a note stating that it has contacted Apple and is working to find out what caused the system breach, as reported by The Wall Street Journal.
Some iPhone users in China have complained in recent days that they have received notifications of spending from the App Store that they have not authorized, according to state media China National Radio. Complaints in social media allege losses that in some cases reach hundreds of dollars, with notifications of text messages in strange times.
The company also warned users who linked their Apple IDs to any payment service, including WeChat Pay, that they should reduce the transaction limit to avoid further losses and, of course, change the password for accessing accounts. Tencent said it will also contribute to the investigations.
It is not yet clear how the attackers managed to access Apple IDs, nor how they managed to make purchases on the App Store without authentication. A company spokesman recommended that users access Ma's support page, which explains how to protect your account from fraud, how to use two-factor authentication, for example.
As we said, AliPay and WeChat Pay are the largest mobile payment services in China, with approximately 700 million and 800 million users, respectively. In 2017, the two companies handled about $ 15 trillion in combined transactions!
A few months ago, Apple faced a similar situation, but in Singapore, where about 56 Ma customers were harmed in thousands of dollars after fraudulent purchases on the iTunes Store.
Update 10/16/2018 at 09:57
Apple apologized for breaking into Apple customer IDs in China, as disclosed by 9to5Mac. According to the company, the attack affected a ?small number? of user accounts. Although details about the hacking were not shared, Apple said the affected accounts did not have two-factor authentication enabled.
Without this authentication, the criminals were able to not only access, but also steal the credentials of the affected accounts and, with this information, they extracted money from users using applications such as AliPay, as we commented. The amount stolen from online payment services was also not disclosed.
Ma emphasized the importance of two-factor authentication and said that if the feature had been enabled, users could have denied access to Apple IDs on unknown devices.