Chinese Criminals Are Selling Your Apple Data

Uploaded on 2017-06-30 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, GOVERNMENT-Law Enforcement, FREE TO VIEW, TECHNOLOGY--Hackers

A massive underground criminal operation run by employees of an Apple “domestic direct sales company and outsourcing company” to steal and sell the private data of Apple users has been uncovered in China, according to authorities.

Chinese law enforcement detained 22 people on suspicion of infringing the privacy of Apple users and illegally obtaining their digital personal information, according to local police in southern Zhejiang province.

The authorities did not specify whether the data belonged to Chinese or foreign Apple users. Of the 22 suspects, 20 were employees of companies who worked with Apple, who allegedly used internal systems to gather users’ names, phone numbers, Apple IDs and other personal data, which was then sold as part of a scam worth more than 50m yuan (£5.8m).

A co-ordinated effort, following months of investigation and involving police across the Guangdong, Jiangsu, Zhejiang, and Fujian provinces, saw the 22 suspects apprehended, their “criminal tools” confiscated.

The suspects worked in direct marketing and outsourcing for Apple in China, and allegedly charged between 10 yuan (£1.15) and 180 yuan (£20.76) for pieces of the illegally extracted data.

The sale of personal information is common in China, which implemented a controversial new cybersecurity law aimed at protecting the country’s networks and private user information on 1 June.

In December, an investigation by the Southern Metropolis Daily newspaper exposed a black market for private data gathered from government and police databases.

Reporters successfully obtained a trove of material on one colleague, such as flight history, hotel checkouts and property holdings, in exchange for a payment of 700 yuan (£80.77).

Apple declined to comment.

Guardian:

You Might Aslo Read:

China Postpones Implementing New Cybersecurity Law:

China’s Plan To Organise Society Using Big Data:

 

« Intel's Data Solutions For Military & Commercial Use
News & Sports Websites 'vulnerable to attack' »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Landry & Associates

Landry & Associates

Landry & Associates is a multidisciplinary firm specializing in risk management, performance and technology management.

Fredda Stanza

Fredda Stanza

Fredda Stanza specialize in Information Security and Forensics Consulting.

Itaccel

Itaccel

IT Accel began a decade ago as a band of technical recruiters who wanted to bring our experience and depth of knowledge to solving complex human resou

Wilson Sonsini Goodrich & Rosati (WSGR)

Wilson Sonsini Goodrich & Rosati (WSGR)

WSGR is the premier provider of legal services to technology, life sciences, and growth enterprises worldwide. Practice areas include cybersecurity and data protection.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

National Institute of Information and Communications Technology (NICT) - Japan

National Institute of Information and Communications Technology (NICT) - Japan

NICT is Japan’s sole National Research and Development Agency specializing in the field of information and communications technology.

DataSunrise

DataSunrise

DataSunrise Data-Centric high-performance security software protects the sensitive data in real-time in cloud or on premises, and helps organizations to stay compliant.

Dualog

Dualog

Dualog provides a maritime digital platform which ensures that services work reliably and securely onboard.

Cyber Resilience

Cyber Resilience

Cyber Resilience offer an intensive program designed to help you create strategies to quickly become cyber resilient and to manage cyber risks in a measurable and predictable way.

TierPoint

TierPoint

TierPoint delivers secure, reliable, and connected infrastructure solutions at the internet’s edge. We meet you where you are in your journey to solve for data storage, compute, and recovery.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

Alethea

Alethea

Alethea is a technology company helping companies, nonprofits, and democracies protect themselves from harms stemming from disinformation and social media manipulation.

NetHope

NetHope

NetHope is a membership-based organization serving the international nonprofit humanitarian, development, and conservation sector through digital transformation.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.

ColCERT

ColCERT

ColCERT is the national cybersecurity emergency response team of Colombia.