Some iPhone users in China are losing money due to a potential loophole in Apple's login system, according to a security warning from Alipay, one of China's largest mobile payment companies.
Recently, Chinese iPhone users have complained that their money was stolen through online payment services after their Apple accounts were allegedly hacked by cyber attackers.
Alipay said in its Weibo blog that it contacted Apple and is working to get to the bottom of the breach.
It also advised users who have linked their Apple identities to any payment services to lower transaction limits to prevent further losses.
Alipay posted a statement on Chinese social media platform Weibo warning users about potential Apple ID breach. /Screenshot from Weibo
Similar reports have been circulating on Chinese social media platforms with hundreds of people claiming to be the victims of the Apple ID breach. Some even claimed to have lost as much as 10,000 yuan (about 1,440 US dollars).
Many users uploaded screenshots of online payment notifications online saying, "I never buy these."
Some victims asked Apple for refund but not all got the money back.
Cause not known yet
The company said it had reported the problem to Apple and the US tech giant is working to solve it.
"We have contacted Apple multiple times and are pushing them to pinpoint the reason behind the theft. Apple replied they are actively solving it," said Alipay in its statement.
Though Alipay can't find the cause by itself, the company recommended all iPhone users to lower the "password-free quota" for mobile payments.
"All payment methods will be affected, including Alipay and its rivals," the warning said.
Another possible solution to this problem is enabling two-factor authentication. The system was introduced to Apple users in 2014 after many celebrities' personal photos were leaked online.
Alipay deleted the warning on Thursday without any explanation. The alleged breach has not impacted Android users in any way.