Security News > 2021 > June > Alibaba suffers billion-item data leak of usernames and mobile numbers
Alibaba's Chinese shopping operation Taobao has suffered a data breach of over a billion data points including usernames and mobile phone numbers.
Both reports state that a developer created a crawler that was able to reach beneath information available to the human eye on Taobao, and that the crawler operated for several months before Alibaba noticed the effort.
163.com suggests the source of the crawler was a company that makes money from affiliate referrals to Taobao, and that the site was scraped from November 2019 until Alibaba noticed the activity in July 2020.
Alibaba notified authorities, an investigation commenced, and the matter landed in the People's Court of Suiyang District - which in May convicted a developer and his employer of lifting the data.
Alibaba has reportedly 'fessed up to messing up - a rather different approach to that displayed by Facebook when news of over 500 million scraped customer records re-emerged in April 2021 and The Social Network™ suggested users should revisit their privacy settings to stop scrapers.
Registering for Chinese court reporting sites requires a code sent to a mobile phone.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/06/16/alibaba_tabao_scraped_data_leak/
Related news
- 5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage (source)
- Pokemon dev Game Freak confirms breach after stolen data leaks online (source)
- Troubled US insurance giant hit by extortion after data leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Ford investgates alleged breach following customer data leak (source)
- Ford investigates alleged breach following customer data leak (source)