Thieves are using Apple Pay to mask stolen credit card data

Posted at 12:57 AM, Mar 06, 2015
and last updated 2015-03-06 00:57:08-05

HONG KONG (CNNMoney) — Thieves are using stolen credit card data to make bogus purchases on Apple Pay, Apple’s mobile payment system.

The stolen card data is believed to have come from recent hacks on major retailers including Home Depot and Target, according to a report by the Wall Street Journal.

Here’s what’s happening: Apple’s system hasn’t been hacked. But cyber thieves are taking stolen credit card data, entering it into smartphones, and making purchases — all without the use of an actual credit card or signature.

About 80% of these unauthorized purchases have actually been bought with smartphones at Apple stores, the Journal reports, citing sources familiar with the matter.

This isn’t good news for Apple Pay, which launched last fall, highlighting just how much damage cyber thieves can create.

Apple Pay’s network includes major merchants such as Whole Foods, McDonald’s, Bloomingdale’s and Walgreens.

Apple didn’t immediately respond to a request from CNNMoney for comment