Apple Pay stung in transactions using data stolen from retailers: WSJ

rom x

Zealot
Gold
Jan 18, 2011
1,043
99
48
#1
(Reuters) - Apple Inc's (AAPL.O) mobile payment system Apple Pay has been hit by a wave of fraudulent transactions using stolen credit-card data from a spate of breaches at retailers, the Wall Street Journal reported, citing people familiar with the matter.

The transactions stemmed from breaches at retail giants including Home Depot Inc (HD.N) and Target Corp ,(TGT.N) the Journal reported on Thursday.

The majority of unauthorized purchases have been for big-ticket items bought with smartphones at Apple's own stores, the Journal said.
Apple could not be reached immediately for comment.
(Reporting By Darshana Sankararaman in Bengaluru; Editing by Ken Wills)
 

radtechy

Contributor
Bronze
Jul 20, 2011
496
41
28
#2
This sounds like data was programmed into passbook and then went to Apple and bought things. But what I can't get is how would you bypass the authorization phone call to the cc compnay
 

radtechy

Contributor
Bronze
Jul 20, 2011
496
41
28
#3
Also we already know target and Home Depot had data breaches and apple pay is not available at target and Home Depot has it now but I don't remover if it was before or after the breach
 

ZR_Yancy

Genius
Gold
Jul 11, 2008
3,982
737
113
Florida
#4
I'd like to know what banks were affected by this?
 

Europa

Moderator
Senior Moderator
Dec 12, 2008
28,365
5,507
113
Utah
#5
Just to clarify since I think a lot of people are going to misinterpret post #1:

The Apple Pay system itself hasn’t been penetrated by hackers. Rather, fraudsters are entering stolen card data into phones, which can then be used to make purchases without a physical card being present.

Home Depot and Target both had data breaches where credit/debit card information were stolen. I used my card at both of these stores during the breaches and my bank sent me a new card with each one. I had to request one when it happened at Target and they automatically sent me one when it happened at Home Depot. Some people didn't request new cards. Recently, some of these compromised cards that were not cancelled and replaced were used in Passbook by thieves and then they used Apple Pay to make purchases with the stolen cards.
Also we already know target and Home Depot had data breaches and apple pay is not available at target and Home Depot has it now but I don't remover if it was before or after the breach
They didn't have Apple Pay until after the breach, but this is irrelevant since it was not Apple Pay that was hacked. Their credit card information was stolen last year at Home Depot when they swiped their cards during the breach.
 

Europa

Moderator
Senior Moderator
Dec 12, 2008
28,365
5,507
113
Utah
#6
I'd like to know what banks were affected by this?
It's not limited to certain banks. This only affects people who have had their credit card information stolen during breaches (such as the ones that occurred at Target and Home Depot) and then failed to get the cards replaced by their banks. Many banks replaced the cards automatically. Others only did it upon request.
 

ZR_Yancy

Genius
Gold
Jul 11, 2008
3,982
737
113
Florida
#7
It's not limited to certain banks. This only affects people who have had their credit card information stolen during breaches (such as the ones that occurred at Target and Home Depot) and then failed to get the cards replaced by their banks. Many banks replaced the cards automatically. Others only did it upon request.
I understand but when adding a card to Apple Pay, each bank has their own provisioning process. Some require a phone call to the bank to have it activated and some just require a text sent to the phone, etc.
 

Europa

Moderator
Senior Moderator
Dec 12, 2008
28,365
5,507
113
Utah
#8
I understand but when adding a card to Apple Pay, each bank has their own provisioning process. Some require a phone call to the bank to have it activated and some just require a text sent to the phone, etc.
I've added cards through a bank and a credit union. Neither required a text or a phone call.
 

radtechy

Contributor
Bronze
Jul 20, 2011
496
41
28
#10
Same for me I did a credit union and a major bank and I had to do 4 phone calls for all 4 cards
 
Apr 10, 2015
13
2
3
#11
I've added cards through a bank and a credit union. Neither required a text or a phone call.
That seems strange. I added 3 cards and I had a phone call for one and texts for the other two. It seems like a very secure way to do a transaction.
 
Feb 3, 2013
190
10
18
#12
I do read a lot who is having this issue, I hope they do necessary actions for this. :)
 

jareknyc

Member
Silver
Aug 27, 2007
715
12
18
NYC
#13
This sounds like data was programmed into passbook and then went to Apple and bought things. But what I can't get is how would you bypass the authorization phone call to the cc compnay
I added 3 cards never needed phone call or txt...it was automatically added no question asked