Sometimes, it's not external hackers that pose a threat to your privacy -- it's people in the supply chain hoping to make some cash on the side. Police in China's Zhejiang province have arrested 22 (apparently third-party) Apple distributors for allegedly selling iPhone user data. Officials say the workers searched an internal Apple database for sensitive info, such as Apple IDs and phone numbers, and peddled it on the black market for between 10 to 180 yuan with each sale ($1.50 to $26). All told, the distributors reportedly raked in more than 50 million yuan, about $7.36 million, before authorities stepped in.
It's not clear how many people are affected by the bootleg sales, or how many of the victims live outside of China. It's also uncertain what will happen with the internal database in question in light of the arrests. We've reached out to Apple for more insights and will let you know if it can share more.
Regardless of the specifics, the bust is bound to raise concerns about distributors' access to data. Is there a way Apple can limit the availability of that info without hindering honest staffers, assuming those staffers were supposed to have access in the first place? And are there other phone manufacturers with similar risks? It may be difficult to completely prevent unscrupulous employees from taking advantage of their positions, but it might be possible to reduce the potential for damage.