Cyber Incident Victim: Ant Group

Date: Jan 2010

Location: China

Summary

A former Alipay employee and two accomplices were apprehended for stealing and selling customer data, including phone numbers, addresses, email accounts, and transaction records, to e-commerce companies seeking advertising targets. The payment platform detected the unauthorized activity during internal audits and reported it to law enforcement, leading to the suspects' custody. The stolen information, totaling approximately 20 gigabytes, was extracted from internal systems over multiple years, though sensitive financial details like encrypted bank card numbers and payment passwords remained secure. The incident highlighted broader concerns about personal data trafficking, with authorities noting similar patterns in other cases involving criminal networks exploiting stolen information for fraudulent transactions.

Description

The incident involved a data breach at Alipay, the payment subsidiary of Alibaba Group, perpetrated by a former employee and two external accomplices over a multi-year period. According to Hangzhou police and Alipay's statements reported in 2014, the former employee began stealing customer data from Alipay's internal systems as early as 2010. The individual accessed the company's backstage platform to download personal information, including users' cellphone numbers, home addresses, email accounts, and transaction records. This stolen data, totaling approximately 20 gigabytes, was systematically sold to external parties, primarily e-commerce companies seeking advertising targets. The scheme involved collaboration with two IT professionals outside Alipay, including a former employee surnamed Zhang from another Hangzhou-based e-commerce firm. The perpetrators specifically targeted businesses interested in purchasing consumer data to tailor marketing campaigns toward online shoppers.

Alipay detected the unauthorized activity during internal auditing procedures in 2012 and subsequently reported the case to law enforcement. Police investigations confirmed the ex-employee's confession regarding the method of data extraction and sale to "target customers." While bank card numbers and payment passwords remained secure due to encryption protections that prevented third-party transmission, the breach exposed non-financial personal identifiers on a significant scale. In response, Alipay publicly reaffirmed its commitment to user privacy, emphasizing existing safeguards for transaction data while pledging enhanced vigilance against future incidents. The case occurred against a backdrop of widespread personal data trafficking in China, with Shanghai authorities concurrently apprehending criminal groups exploiting similar leaks for credit card fraud through unauthorized online transactions. No specific financial losses or individual victim counts were disclosed in the available reporting.
