Chinese Criminals Are Selling Your Apple Data

Uploaded on 2017-06-30 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, GOVERNMENT-Law Enforcement, FREE TO VIEW, TECHNOLOGY--Hackers

A massive underground criminal operation run by employees of an Apple “domestic direct sales company and outsourcing company” to steal and sell the private data of Apple users has been uncovered in China, according to authorities.

Chinese law enforcement detained 22 people on suspicion of infringing the privacy of Apple users and illegally obtaining their digital personal information, according to local police in southern Zhejiang province.

The authorities did not specify whether the data belonged to Chinese or foreign Apple users. Of the 22 suspects, 20 were employees of companies who worked with Apple, who allegedly used internal systems to gather users’ names, phone numbers, Apple IDs and other personal data, which was then sold as part of a scam worth more than 50m yuan (£5.8m).

A co-ordinated effort, following months of investigation and involving police across the Guangdong, Jiangsu, Zhejiang, and Fujian provinces, saw the 22 suspects apprehended, their “criminal tools” confiscated.

The suspects worked in direct marketing and outsourcing for Apple in China, and allegedly charged between 10 yuan (£1.15) and 180 yuan (£20.76) for pieces of the illegally extracted data.

The sale of personal information is common in China, which implemented a controversial new cybersecurity law aimed at protecting the country’s networks and private user information on 1 June.

In December, an investigation by the Southern Metropolis Daily newspaper exposed a black market for private data gathered from government and police databases.

Reporters successfully obtained a trove of material on one colleague, such as flight history, hotel checkouts and property holdings, in exchange for a payment of 700 yuan (£80.77).

Apple declined to comment.

Guardian:

You Might Aslo Read:

China Postpones Implementing New Cybersecurity Law:

China’s Plan To Organise Society Using Big Data:

 

« Intel's Data Solutions For Military & Commercial Use
News & Sports Websites 'vulnerable to attack' »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSO

CSO

CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

CyberOwl

CyberOwl

CyberOwl builds on cutting-edge research and combines decades of experience in developing, securing and operating large distributed systems.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

Identillect Technologies

Identillect Technologies

Identillect Technologies provide a user-friendly secure email solution to protect critical information, with an emphasis on simplicity.

SecuTech Solutions

SecuTech Solutions

SecuTech is a global leader in providing strong authentication and software licensing management solutions.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Living Security

Living Security

Living Security specializes in metric driven and engaging security awareness solutions that reduce risk by increasing security culture and changing employee behaviour.

RedShield Security

RedShield Security

RedShield is the world's first web application shielding-with-a-service company.

IAR Systems

IAR Systems

IAR Systems are a frontrunner in a changing industry, and a future-proof software supplier enabling the IoT.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

Nudge Security

Nudge Security

Nudge Security offer the world's first-ever SaaS security solution to discover shadow IT and curb SaaS sprawl across any device or location and nudges employees towards optimal security behavior.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

Mobb

Mobb

Mobb's AI-powered technology automates vulnerability remediations to significantly reduce security backlogs and free developers to focus on innovation.

TestifySec

TestifySec

TestifySec is an evidence-driven security and compliance platform that turns every software build into cryptographic proof, letting teams ship secure, audit-ready software.