Apple employees in China were running an underground market selling off customer data on the black market.
According the AFP, the criminal ring included 20 Apple employees partaking in the operation, and included the sale of names, phone numbers, Apple IDs and other data. The information was sold off as single items, ranging from 10 yuan ($1.50) to 80 yuan ($26.50), totaling 50 million yuan ($7.36 million) sum.
Chinese authorities were working on the case for months before arrests were made across four provinces—Guangdong, Jiangsu, Zhejiang, and Fujian. Authorities acquired the perpetrator’s “criminal tools” and put an end to their online network.
The Apple employees involved in the operation worked in Apple’s marketing and outsourcing departments. AFP’s report doesn’t mention how authorities were tipped off of the scam or how long it took place. The report also notes it’s not clear to whom the compromised data belonged to—foreign or Chinese Apple customers.
China recently passed a cybersecurity law putting extra emphasis in protecting customer’s online data. If companies fail to do so, they may face stiff fines or other, more serious repercussions like loss of business licenses.
Once we know more details about the case, we’ll pass them along.