Apple apologizes over Apple ID account hacks in China

Apple today unexpectedly issued an apology to its customers in the 1.33 billion people market of China who became victims of the scams where nefarious users hacked into some Apple ID accounts that weren’t protected with Apple’s secure two-factor authentication system.

The Wall Street Journal reported Tuesday that Apple about a week ago discovered that stolen Apple IDs were used to swipe customer funds after local payment services Alipay and WeChat Pay complained to the company that some of their own customers had lost money.

Apple apologizes to Chinese users

The Cupertino technology giant did not specify how many users were affected by this incident or how much money was stolen. None of the hacked accounts was protected with Apple’s Two-Factor Authentication system, which after signing up with an Apple ID on a new device additional requires a one-time code pushed to one of user’s trusted device.

TUTORIAL: How to enable Two-Factor Authentication for your Apple ID

Apple issued a statement Tuesday saying it found “a small number of our users’ accounts” had been accessed through phishing scams. “We are deeply apologetic about the inconvenience caused to our customers by these phishing scams,” reads their Chinese statement.

Phishing scams are specially designed emails that pretend to come from a legitimate sender in order to trick you into visiting a webpage designed with the sole purpose to steal your credentials by pretending to be the official Apple ID account website.

This is yet another case in a long string of examples that exemplify the importance of adding an additional layer of security to your Apple ID by enabling the Two-Factor Authentication feature. Once your Apple ID has been compromised, all your purchases, photos, messaging, any iTunes credits, your credit card on file—and then some more—are up for grabs.

Beware phishing scams

Therefore, keeping your Apple ID account as secure as humanly possible is of the utmost importance. speaking of which, I recommend against registering a mobile phone number for Two-Factor Authentication because pushing codes via SMS is insecure.

Another piece of advice: beware phishing scams.

iDownloadBlog has a nice overview of phishing emails which explains in layman’s terms what they are, why they’re potentially dangerous, how to recognize them and how to report them.

Apple’s support documents provide you with the knowledge you’ll need to avoid phishing emails and other scams, as well as identify legitimate emails from App and iTunes Stores.

Do you have Two-Factor Authentication enabled for your Apple ID?

Leave your comment below.