China: Weibo admits to leak of personal data on millions of users
“Chinese Regulator Probes Weibo Data Breach”, 25 March 2020
China’s industry and technology regulator has summoned representatives from Weibo to a meeting and ordered them to enhance data security after hackers stole personal data on millions of Weibo users and sold it on the dark web.
… Alibaba’s former security chief Wei Xingguo claimed on Weibo that data on millions of Weibo users, including his own contact details, had been leaked online. Wei’s statement triggered a public outcry online, with some claiming that they had found basic information on 538 million Weibo users such as phone numbers and addresses circulating on the dark web. Wei’s post was subsequently deleted for unknown reasons.
During the meeting… the Ministry of Industry and Information Technology (MIIT) urged Weibo to take steps to reduce data theft and improve its privacy policies in accordance with the country’s cybersecurity law and other regulations, according to a statement published… on the ministry’s website.
The MIIT also asked the Twitter-like platform to regularly self-evaluate the data security levels of new services ahead of their official launches, the statement added
… Weibo issued a statement, in which it admitted to the data leak but downplayed the incident and said using the same password on different platforms will put Weibo users at greater risk of their personal information being stolen.
Weibo had 516 million monthly active users at the end of December, a net addition of about 54 million from the previous year, the company’s fourth-quarter earnings report showed.