Authorities in the Zhejiang province city of Shaoxing say they have just cracked China’s biggest ever case of user data theft, with corporate hackers using access to telecom operators to illegally garner information.
State media reports that hackers managed to illegally obtain 3 billion items of data on users via telecom operators, to engage in malicious activities including targeted marketing on a total of 96 online platforms including Alibaba, Baidu, Tencent and Toutiao.
Zhang Yeping (张野平), head of a police unit in the Yuecheng district of Shaoxing, said that the hackers used unconventional methods involving interception of telecom operators that made investigation extremely difficult, with Alibaba Security providing technical assistance.
Alibaba Security helped Shaoxing authorities to identify a number of “new third board” companies as the key culprits, chief amongst them Beijing Ruizhi Huasheng Technology Corporation (北京瑞智华胜科技股份有限公司).
Starting from 2014 two of the companies involved in the case began to obtain sales and advertising system service contracts with leading telecoms operators including China Mobile, China Mobile Tietong and China Unicom, granting them long-distance log-in authorisation for their servers.
The companies subsequently placed their own malware on the servers of these telecoms operators for the purpose of illegally gathering key information on users.
According to Chinese authorities telecoms operators themselves failed to implement the necessary monitoring or restraint mechanisms, providing hackers with ready opportunities to exploit.
“The shocking thing about this affair is the huge scope and high accuracy of the user information that was stolen,” said telecoms expert Chen Zhigang (陈志刚) to Xinhua.
“If it hadn’t just been taken by hackers for commercial gain, and also been used to undermine public information security or manipulate public opinion, the consequences are obvious.”
Chen said that China’s telecoms operators bear the responsibility and duty for strengthening upstream and downstream security coordination as well as internal management, given that they are a fundamental link in the protection of user information.