Hackers attack 20 Million Alibaba accounts on Taobao shopping site

Attackers uses Alibaba’s own cloud service to attack its users. The Chinese media revealed that Alibaba has been hit by a cyber-attack. The giant retailer’s Taobao online marketplace was compromised, with hackers attempting to access 20.59m customers’ accounts. While the Chinese firm insisted that most of the accounts were protected, and that hackers did not gain access to data in the majority of cases, it did concede that attacks on a smaller number of accounts were successful.

An Alibaba spokesman did not give any confirmation about the total number of accounts that had been accessed, or say what data had been compromised. Alibaba said that the hackers used login details stolen from other websites to try and gain access to Taobao accounts, on the basis that users often use the same login credentials for multiple online accounts.

Alibaba’s own cloud service was used to conduct the attack, with the company spokesman saying that the attackers had rented space on it. The hackers had 99m usernames, and used Alibaba’s cloud platform to input them into Taobao. They then found that 20.59m of the 99m credentials they had been used for Taobao.

The Alibaba spokesperson insisted to the media that the firm’s own system was not broken into by hackers’ point. “Alibaba’s system was never breached,” they said. The compromised accounts were reportedly used to make fake orders on the e-commerce site, in addition to being sold for fraud.

The firm recommended that users change their passwords. It saw a drop in share price after initial reports of the attack, with analysts saying they fell by up to 3.7%. The firm’s shares closed trading on February 4th on the New York Stock Exchange up 2.24% at $64.86.

Chinese police have made arrests following on from the attack. Cybercrime is a growing problem in China and the Far East. In November 2015 the records of 5m people, including 200K children were breach during an attack on the Hong Kong based toymaker VTech.

More Here [cbronline]

Receive Weekly RoundUp

By clicking this button you agree to receive marketing communications from EMI

I agree to have my personal information transfered to MailChimp ( more information )