Cyber Incident Victim: Sina Corporation
Date: Oct 2015
Location: China
Summary
A Sina Corporation data breach exposed 31 million user accounts from its sina.com and sina.com.cn domains, stolen by a threat actor known as DoubleFlag and offered for sale on the dark web alongside compromised credentials from multiple other Asian internet firms. The incident, collectively dubbed "The Big Asian Leak," involved bulk account thefts across several major platforms, with the hacker listing the combined datasets for approximately $800 in Bitcoin. Sina's compromised credentials originated from its primary web portal and associated services, affecting the extensive user base of the Chinese-language online media platform.
Description
In January 2017, a dark web entity using the alias "DoubleFlag" advertised a massive data breach dubbed "The Big Asian Leak," involving over one billion user accounts stolen from multiple Chinese internet companies. Among the affected entities was Sina Corporation, operator of Sina.com and Sina.com.cn, which collectively had over 100 million registered users as a leading Chinese-language web portal and the host of Sina Weibo, a major microblogging platform. The attacker listed 31,037,726 compromised Sina user accounts for sale alongside data from NetEase (126.com, 163.com, Yeah.net), Tencent (QQ.com), Sohu (Sohu.com, Sogou.com), TOM Group (Tom.com), and smaller providers like eYou.com. The breach extended beyond China, including South Korea’s Nate.com and email services from Yahoo Japan, Gmail, Hotmail, MSN, and Live. All datasets were bundled for sale at BTC 0.8873 (approximately $800 at the time), with no verified buyer information disclosed.

The incident exposed Sina’s users to credential-stuffing attacks, phishing, and identity theft due to the scale of the compromised accounts. While the article confirmed the sale listing’s existence, it did not specify how Sina detected the breach, whether internal systems were directly compromised, or whether credentials were aggregated from third-party breaches. Similarly, no containment measures, forensic findings, or official statements from Sina Corporation were documented in the source material. The broader "Big Asian Leak" impacted at least eight major Asian internet firms, with NetEase suffering the largest exposure (over 1.2 billion accounts across its domains) and Sina ranking fourth in volume among named entities. Secondary risks emerged from the inclusion of premium service accounts (e.g., vip.163.com, vip.qq.com) and ancillary platforms like Sohu’s Olympic Games portal and Sogou search engine. The hacker’s listing emphasized the data’s freshness and completeness but provided no evidence of in-use exploitation following the sale.
