{"rewrite":{"id":"r_b0dc163a208d701a4124542c","clusterId":"c_66df24b767f6748ccfe14320","slug":"phishing-sms-leads-to-apple-account-takeover-at-alcare","model":"deepseek-v4-flash","headline":"Phishing SMS Leads to Apple Account Takeover at Alcare","summary":"Alcare announced on December 25, 2025 that an employee's business smartphone was compromised after the employee entered Apple Account credentials on a fake site reached via a phishing SMS. The attacker took over the account the next day, initialized the phone, and recovery is impossible. Up to 200 customer records and 400 employee records may have been leaked. The company is contacting affected parties and strengthening security.","whyItMatters":"A single employee falling for a smishing lure can lead to irreversible account takeover and data exposure with no recovery path, as shown by the Alcare incident.","webCardHtml":"\u003cp\u003eThe attacker used a standard smishing lure: a message claiming security strengthening was needed and directing the employee to a fake Apple login page. The employee entered their Apple Account credentials, and the next day the attacker changed the account information and remotely initialized the business smartphone. Alcare stated that account recovery is impossible because the security information was also altered.\u003c/p\u003e\u003cp\u003eTwo categories of data may have been exposed: roughly 200 records of customer information (medical institution names, company names, names, phone numbers) and about 400 records of employee information (names, business phone numbers, email addresses). The company is notifying affected individuals and has engaged external experts to investigate. It is also revising its security policies and employee training to prevent recurrence.\u003c/p\u003e","blueskyPost":"Alcare disclosed that an employee's business phone was taken over after the employee entered Apple Account credentials on a fake site from a phishing SMS. Up to 600 records of customer and employee data may have leaked. Account recovery is impossible.","twitterPost":"Alcare: employee's business smartphone compromised via phishing SMS. Apple Account taken over, phone initialized. Up to 200 customer \u0026 400 employee records possibly leaked. Account recovery impossible. Company strengthening security.","threadsPost":null,"newsletterBlurb":"Alcare announced on December 25, 2025 that an employee's business smartphone was compromised after the employee entered Apple Account credentials on a fake site reached via a phishing SMS. The attacker took over the account and initialized the phone, making recovery impossible. Up to 200 customer records and 400 employee records may have been leaked.","attributionJson":"[{\"source\":\"ASCII.jp\",\"url\":\"https://ascii.jp/elem/000/004/418/4418183/?rss\",\"title\":\"A LINE Request from the President, an SMS from Apple... Is That Message Really Safe?\"}]","lintFlagsJson":null,"lintHits":0,"costUsd":0,"inputTokens":5878,"outputTokens":2575,"status":"published","repairAttempts":0,"nextRepairAt":null,"factsAttemptedAt":1784007576,"createdAt":"2026-07-14T05:37:13.000Z","publishedAt":"2026-07-14T05:37:28.000Z","updatedAt":"2026-07-14T05:37:13.000Z"},"cluster":{"id":"c_66df24b767f6748ccfe14320","canonicalTitle":"社長からのLINE依頼、AppleからのSMS… その連絡、本当に安全ですか？","representativeArticleId":"a_cb3d70f860b04d75cd37725d","sourceCount":1,"writtenSourceCount":1,"writeAttempts":0,"isSolo":true,"entitiesJson":"{\"anime_titles\":[],\"manga_titles\":[],\"work_titles\":[],\"studios\":[],\"people\":[],\"type\":\"other\",\"domain\":\"other\",\"is_roundup\":false}","contentType":"news","status":"published","firstSeenAt":"2026-07-14T05:00:00.000Z","lastSeenAt":"2026-07-14T05:00:00.000Z","updatedAt":"2026-07-14T05:37:29.000Z"},"attribution":[{"source":"ASCII.jp","url":"https://ascii.jp/elem/000/004/418/4418183/?rss","title":"社長からのLINE依頼、AppleからのSMS… その連絡、本当に安全ですか？"}],"entities":{"anime_titles":[],"manga_titles":[],"work_titles":[],"studios":[],"people":[],"type":"other","domain":"other","is_roundup":false},"keyFacts":null}
