Hackers in China have attempted to access over 20 million active accounts on Alibaba Groups Taobao ecommerce website using Alibabas own cloud computing service. Chinese companies are grappling a sharp rise in the number of cyber-attacks, and cybersecurity experts say companies have a long way to go before defenses catch up to US counterparts.
In the latest case, hackers obtained a database of 99 million usernames and passwords from a number of websites, according to a separate report on a website managed by the Ministry of Public Security.
The hackers then used Alibabas cloud computing platform to input the details into Taobao. Of the 99 million usernames, they found 20.59 million were also being used for Taobao accounts, the ministry website said. It also said the hackers started inputting the details into Taobao in mid-October and were discovered in November 2015, at which time Alibaba immediately reported the case to police. The website said the hackers have since been caught.
According to the ministry website, Alibabas systems discovered and blocked the vast majority of login attempts. The hackers used compromised accounts to fake orders on Taobao, a practice known as brushing in China and used to raise sellers rankings. The hackers also sold accounts to be used for fraud.
The number of accounts, 20.59 million, represents about one out of every 20 annual active buyers on Alibabas China retail marketplaces.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now