Chinese Criminals Are Selling Your Apple Data

A massive underground criminal operation run by employees of an Apple “domestic direct sales company and outsourcing company” to steal and sell the private data of Apple users has been uncovered in China, according to authorities.

Chinese law enforcement detained 22 people on suspicion of infringing the privacy of Apple users and illegally obtaining their digital personal information, according to local police in southern Zhejiang province.

The authorities did not specify whether the data belonged to Chinese or foreign Apple users. Of the 22 suspects, 20 were employees of companies who worked with Apple, who allegedly used internal systems to gather users’ names, phone numbers, Apple IDs and other personal data, which was then sold as part of a scam worth more than 50m yuan (£5.8m).

A co-ordinated effort, following months of investigation and involving police across the Guangdong, Jiangsu, Zhejiang, and Fujian provinces, saw the 22 suspects apprehended, their “criminal tools” confiscated.

The suspects worked in direct marketing and outsourcing for Apple in China, and allegedly charged between 10 yuan (£1.15) and 180 yuan (£20.76) for pieces of the illegally extracted data.

The sale of personal information is common in China, which implemented a controversial new cybersecurity law aimed at protecting the country’s networks and private user information on 1 June.

In December, an investigation by the Southern Metropolis Daily newspaper exposed a black market for private data gathered from government and police databases.

Reporters successfully obtained a trove of material on one colleague, such as flight history, hotel checkouts and property holdings, in exchange for a payment of 700 yuan (£80.77).

Apple declined to comment.

Guardian:

You Might Aslo Read:

China Postpones Implementing New Cybersecurity Law:

China’s Plan To Organise Society Using Big Data:

 

« Intel's Data Solutions For Military & Commercial Use
News & Sports Websites 'vulnerable to attack' »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

International School of IT Security (ISITS)

International School of IT Security (ISITS)

The International School of IT Security (ISITS) is a leading provider of professional training in the field of IT Security.

CERT-IS

CERT-IS

CERT-IS is the national Computer Emergency Response Team for Iceland.

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

ThreatAdvice

ThreatAdvice

ThreatAdvice is a provider of cybersecurity education, awareness and threat intelligence.

Cyber Observer

Cyber Observer

Cyber Observer’s team specializes in providing corporate officers with comprehensive, visual, real-time performance overview, critical security control (CSC) analysis.

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC) is a government body providing support for ICT related activities including formulating national ICT strategy and policy.

Fischer Identity

Fischer Identity

Fischer Identity provide identity & access management and identity governance administration solutions.

ESC - Enterprise Security Center

ESC - Enterprise Security Center

ESC is a system house specializing exclusively in IT security - Security Implementation & Optimization, Operations, Managed Security Services.

NVISIONx

NVISIONx

NVISIONx data risk governance platform enables companies to gain control of their enterprise data to reduce data risks, compliance scopes and storage costs.

Next DLP

Next DLP

Next DLP (formerly Jazz Networks) is a leading provider of insider risk and data protection solutions.

Autobahn Security

Autobahn Security

Autobahn Security is a growing team of 80+ experts from 25+ nationalities, established in 5 countries. We’re working hard to make Autobahn Security the No. 1 solution for improved hacking-resilience.

TeKnowledge

TeKnowledge

TeKnowledge enables governments and enterprises around the world to navigate the challenges with digital transformation today and tomorrow with elite cybersecurity protection and managed services.

ITUS Secure Technologies

ITUS Secure Technologies

ITUS offer fully outsourced cybersecurity solutions working with leading security vendors, providing next-gen solutions.

Styx Intelligence

Styx Intelligence

Styx Intelligence’s platform provides visibility and supports remediation against threats targeting your digital assets.