If you own an Apple product, here is something you must know about. China’s leading payment services Alipay and WeChat Pay have issued warnings that compromised Apple IDs are being being used by thieves to make purchases with users’ accounts.
According to Reuters, Alipay has posted a warning titled ‘security tips about Apple phones.’ The company clearly states in the warning that it has been trying to get in touch with Apple to solve the issue. The parent company of WeChat Pay — Tencent — has also spoken about similar issues to Bloomberg.
According to Bloomberg, Alipay has said that, “Since Apple hasn’t resolved this issue, users who’ve linked their Apple ID to any payments method, including Alipay, WePay, or credit cards, may be vulnerable to theft.”
As of now, there is no clarity on how much money has been lost because of the issue or how widespread it is. A report in Reuters further says according to a Chinese state media outlet has said that some losses were even as high as $290. A source has also confirmed that Apple will be refunding the money that was spent fraudulently because of the issue.
Although Apple is being called out by Alipay and WeChat Pay, right now, it cannot be said for sure if the issue is arising because of a flaw in Cupertino-based technology company’s ID system.
However, it can be possible that Apple ID credentials have been stolen and are being used by thieves to log in to Apple accounts to make purchases with payment method that has been linked to them. And Alipay and WeChat Pay are just two of many payment methods that can be linked.
An official from Apple has said that the company has always encouraged its customers to protect their accounts with strong passwords and by enabling two-factor authentication.
Although Alipay has now removed its post on social media in which it called out Apple, word about it has already spread globally.
But it is worth noting that this issue points towards a big problem faced by technology giants like Apple. They don’t only have to secure their own apps and websites, they also need to take care of common accounts and passwords getting leaked from other sources.