Apple apologized today over stolen Apple IDs that were used to make unauthorized App Store purchases in China. The Wall Street Journal reports that the IDs were obtained through phishing scams. Users had connected their Apple accounts to mobile payment systems Alipay and WeChat Pay; these IDs were then used to purchases through the App Store. "We are deeply apologetic about the inconvenience caused to our customers by these phishing scams," Apple said in a statement to its Chinese users.
Security is a big issue with Apple in China right now. Earlier this year, the company began moving Chinese users' iCloud accounts out of the US and onto servers stored in China due to Chinese law. This raised human rights concerns, especially after it was revealed that the data is being looked after by a state-run telecom company.
However, according to Apple, in this case, the data leak was due to phishing scams, not any security issue on the tech giant's part. While Apple does not make clear how exactly the Apple IDs were obtained, it recommends that, to avoid such issues in the future, all customers should enable two-factor authentication. Still, the apology is a good move for Apple, considering their position in China is a bit precarious right now.