Shanghai Police Summons Alibaba Officials Post Record Data Theft

The Shanghai police summoned Alibaba Group Holding Limited BABA executives and senior technicians on July 3 after the law enforcement agency suffered a record data breach, the Nikkei Asia reports.

A passwordless misconfigured Alibaba Cloud server to access the trove was held responsible for the leak, the Register reports. The trove revealed names, home addresses, ID numbers, phone numbers, and criminal records.

Cyber security researchers also alleged that the digital certificates had expired perhaps four years earlier.

Also Read: Read Alibaba's Role In Shanghai's Recent Infamous Police Database Hack As China Struggles To Censor Breach News

Since the leak's discovery, the law enforcers ordered Alibaba engineers to review the database architectures it offers in its cloud.

In late June, an unidentified hacker nicknamed "ChinaDan" offered information from the Shanghai police database, including names, ID numbers, phone numbers, addresses, criminal records, and online orders for sale online. 

The hacker claimed the data contained information about 1 billion Chinese citizens and came from an Alibaba private cloud server. 

The database, which spanned 1995 to 2019, was showcased for sale for ten bitcoin, or $200,000.

The hacker deleted the post in a week, stating that the data was no longer available for sale, and claimed to have deleted the related posts.

The New York Times claimed that the Shanghai police stored the data on a secure, closed network until developers created a gateway to access the database easily. But such gateways should be protected by passwords, which were lacking in the case of the Shanghai database.

An industry expert said that multiple contracted companies managed the Shanghai police database, making it challenging to find the actual company responsible for the leak.

Search results for terms like "Shanghai police database," "Shanghai 1 billion," or "1 billion data leak" were blocked in Weibo Corp WB.

China enacted laws to protect data and personal information, mainly targeting the country's big internet and tech companies. 

Price Action: BABA shares traded higher by 2.3% at $104.71 on the last check Monday.

Photo by Fooksou Lamimo via Wikimedia Commons

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In:
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!