Alibaba shares on Friday saw a decline after a report claimed that Chinese officials had invited the executives of the tech giant in for discussions about the theft of a sizable police database.
One of the largest data heists in history would have occurred if a hacker had actually sold what they claimed to be the personal information of hundreds of millions of Chinese residents last month.
Cybersecurity experts later confirmed that the data, which was partially verified by AFP, was allegedly saved on Alibaba’s cloud servers by the Shanghai police.
After a report that Shanghai authorities had brought in the business’s executives for talks in relation to the heist, the stock price of the company fell 5.7 percent at the opening in Hong Kong on Friday.
According to a report, the officials included vice president of Alibaba Cloud Chen Xuesong, who is in charge of the division’s work on digital public security.
Senior managers from Alibaba and its cloud division met virtually on July 1 after a vendor announced the stolen database on a website for cybercriminals, as per the report.
According to the report, which cited staff members familiar with Alibaba’s response to the incident, company engineers have shut access to the compromised database and have begun evaluating related code as part of an internal probe.
On Alibaba’s servers, the database is thought to have been kept using antiquated and unsafe technologies.
An AFP inquiry for Alibaba to validate the information in the story was not immediately answered.
Ostensibly for security reasons, China operates a vast, all-encompassing national surveillance network that gathers enormous amounts of data from its population.
As public awareness of data security and privacy issues has increased, Beijing has passed stricter data protection legislation in recent years.
However, there are few options for regular people to prevent the government from collecting their personal data.
The hacker shared a sample of 750,000 records online, including names, cellphone numbers, national ID numbers, residences, dates of birth, and police complaints filed by individuals.
For the full database, the hacker demanded 10 bitcoin, or around $200,000 at the time.
Some of the data looked to have come from express delivery providers, while summaries of police incident reports from more than a decade ago up until 2019 were also included in the data.
Out of the more than a dozen persons AFP contacted last week, at least four verified that their information was included in the database.
