中國支付公司稱,小偷正通過蘋果ID盜刷餘額大綱

China's two largest digital payments services, Alipay and WeChat Pay, have warned that thieves are using compromised Apple IDs to make purchases with people's accounts. Alipay posted a warning offering "security tips about Apple phones," which said that it had contacted Apple many times with hope of solving the issue, according to Reuters. Tencent, which owns WeChat Pay, later confirmed similar issues in a statement to Bloomberg.
支付寶和微信支付是中國規模最大的兩種數字支付服務，它們都警告稱：小偷正利用受攻擊的蘋果ID賬號購買商品。路透社報道，支付寶發文警告"有關蘋果手機的安全提示"，稱其已經多次聯繫蘋果公司以解決這一問題。微信支付是騰訊旗下的一種支付方式，而後來騰訊向彭博社發表的一份聲明也證實了類似問題的存在。

"Since Apple hasn't resolved this issue, users who've linked their Apple ID to any payments method, including Alipay, WePay, or credit cards, may be vulnerable to theft," Alipay wrote, according to Bloomberg's translation.
關於支付寶的發文，彭博社的譯文如下："在蘋果公司沒有完全解決這個問題之前，無論您的Apple ID綁定了哪種支付方式（包括支付寶、微信支付或者信用卡），都可能出現資金損失風險。"

It's not stated how widespread the issue is or how much money has been lost due to the thefts. Reuters reports that a Chinese state media outlet said some losses were as high as 2,000 yuan, or about $290 USD. Apple plans to refund money that was fraudulently spent, according to a source familiar with the matter.
文中並未說明這個問題的普遍性，也沒有提及盜刷造成的損失數額。路透社報道，中國的一家官方媒體稱，有些人的損失高達2000元（約290美元）。熟悉此事的消息源稱，蘋果公司計劃將這筆欺詐性消費退還給用戶。

Though the two companies are calling out Apple, it's not clear if the issue is specific to a flaw in its ID system. It sounds as though there has been a problem with the theft of Apple ID credentials, which thieves are then using to log in to Apple accounts and make purchases using associated payments methods, like Alipay and WeChat Pay.
儘管這兩家公司都在喊話蘋果公司，但目前尚不清楚該問題是否與蘋果公司的身份識別系統存在缺陷有關。聽起來好像是由於蘋果ID被盜所致，也就是說小偷會登錄用戶的蘋果賬號，然後通過綁定的支付方式（如支付寶和微信支付）進行消費。

An Apple spokesperson said the company encourages customers to set a strong password and enable two-factor authentication to secure their accounts. Still, it's unusual to see large tech companies calling one another out like this, particularly over an issue that may not be exclusive to Apple. Alipay has since removed its social media post calling out Apple, though not before the story spread across state and international media.
蘋果公司的發言人表示，公司鼓勵用戶設置保密強度高的密碼，並啓用雙因素身份驗證來保護賬號安全。儘管如此，一家大型科技公司如此喊話另一家公司的場面並不多見，而且蘋果公司可能並不是導致這一問題的唯一原因。支付寶已經刪除了其喊話蘋果公司的社交媒體貼，但這是在中國國內和國際媒體都知道這件事情之後的事了。

Some companies are proactive about searching out leaked account credentials, checking them against their own databases and then resetting passwords and warning users if they find a match. It's unclear if Apple does this, but it speaks to the broader issue companies like Apple face: it's not just their own sites and apps that need to be secure; they have to worry about common accounts and passwords being leaked from other sources as well.
有些公司主動搜索泄露的賬戶證書，並根據自己的數據庫進行檢查，然後重置密碼，若出現相同的密碼會彈出警告，提醒用戶。目前尚不清楚蘋果公司是否這樣做了，但這一現象表明蘋果這樣的公司還面臨着一個更廣泛的問題：不僅需要保證自己網站和應用程序的安全性，而且還得擔心其它來源泄露常見賬號和密碼的可能性。