CNET también está disponible en español.

Ir a español

Don't show this again


Apple suppliers accused of selling iPhone user data in China

Chinese authorities busted 20 workers for selling $7.36 million worth of data from Apple's internal servers.

Chinese police questioning one of the 22 suspects arrested over an underground network of thieves selling stolen data from Apple.

Zhejiang Police

Apple makes a massive effort to keep your information from being taken by the government and outsiders -- but an insider threat managed to steal millions of dollars worth of data.

According to Chinese state media, Zhejiang police arrested 20 employees from Apple's suppliers and vendors, authorities announced on Thursday. There were 22 people arrested as part of the underground data trading network, according to Xinhua.

The 20 workers, who were employed by Apple suppliers not the company itself, reportedly had access to data, including names, phone numbers, Apple IDs and other information, which they sold for between 10 and 180 yuan, or about $2 to $27. In total, the data thieves made about 50 million yuan, which is about $7.36 million.

One of the outsourced vendors was a direct marketing company, police said.

Chinese police first started investigating Apple data sales on the black market in January, and began making their arrests on May 3. The arrests stretched from across the Guangdong, Jiangsu and Fujian provinces.

The alleged thieves were using Apple's internal systems, police said. Apple heavily emphasizes user privacy, even creating random identifiers for Siri data and switching iMessages to end-to-end encryption. It's a fortress that even the FBI had trouble breaking through, but the third-party employees exposed a vulnerability on Apple's end.  

All 22 people are at a criminal detention center and charged after allegedly selling information they accessed illegally. Officers seized computers, phones and credit cards during the arrests.

Police said they were able to take down the thieves' sales and online network. It's unclear if the stolen data was specifically for customers only in China.