Apple Removes 256 Apps Collecting Private Data and Sent to Chinese Firm

Apple said that the group of apps were gathering data through a third-party advertising firm

Hundreds of applications found on the Apple App Store have been removed for using a software development kit that collected personal information from users and sent it to China, the company said Tuesday.

Apple confirmed that over 200 applications on its digital store were collecting the emails and serial numbers of its users Iphones, Ipads and Ipod Touches and sending that data to a Chinese advertising firm.

"This is a violation of our security and privacy guidelines," Apple said in a statement.

Apple said that the group of apps were using a third-party advertising development kit from Youmi, a Chinese mobile advertising provider, that uses application programming interfaces to gather private information.

Shortly after researchers from Purdue University and SourceDna made the find, the cybersecurity group alerted Apple of the unauthorized process. The two groups traced clusters of application code back to Youmi, according to SourceDna.

"We found 256 apps (est. 1 million downloads) that have one of the versions of Youmi that violates user privacy," SourceDNA wrote in a statement. "Most of the developers are located in China."

The apps altogether have had an estimated 1 million downloads, according to SourceDNA, which compiled a list of affected apps on its website.

Malpractice is not suspected and Apple said that it is working with developers to update versions of their apps that are safe to use and within Apple's guidelines.

This is the third cybersecurity problem Apple has faced in the last month. Last week, another set of apps were banned for their ability to peek into encrypted communications between Apple products and servers. The app store also suffered a major malware attack that forced the tech giant to remove dozens of infected popular apps.

Contact Us