Three billion items of user data stolen from China’s biggest tech companies

Up to 3 Billion Pieces of User Data Stolen From Nearly 100 Tech Companies —Caixin Global

What happened: A third-party developer for Chinese mobile operators—China Mobile, China Telecom, and China Unicom—highjacked over 3 billion pieces of user data from some of the country’s biggest tech companies. Through a business partnership formed in 2014, Shenzhen-listed Ruizhi Huasheng Technology collected user account information from Tencent, WeChat, Alibaba, and up to 93 other companies after placing malicious software on the mobile operators’ servers.

Why it’s important: Ruizhi Huasheng used the data for commercial gain by selling it to advertisers. Revenue from the company’s data-related business increased 16 fold over the past year, rising to RMB 30 million ($4.4 million). The case is the latest in a spate of high profile data breaches. Earlier this year, an investigation found that the personal information of people using delivery apps—including Ele.me and Baidu Waimai—was being sold for as little as RMB 0.10 per individual. The government has sought to crack down on these sorts of data breaches through the release of standards for handling personal information, but steps like these have had little effect on the illicit, but very lucrative, data market.