Shanghai sees surge in online personal data theft

Shanghai sees surge in online personal data theft

Summary: Shanghai People's Procuratorate said number of identity theft cases increased from one in the first half of last year, to thirty cases this year, with most suspects abusing their employee position to harvest data for criminal purposes.

SHARE:
TOPICS: Security, Privacy, China
0
online-identity-theft-up-200-since-2010
Public prosecutors in Shanghai said there was only one personal data theft case in the first half of 2012, but 30 such cases during the same period in 2013.

Public prosecutors in Shanghai have warned of a sharp rise in online personal information theft, with criminals stealing and selling data for various criminal purposes. 

According to China Daily on Tuesday, prosecutors revealed at a news conference there was only one case of cyber identity theft in the first half of 2012, but the same period in 2013 saw 30 cases involving 57 suspects.  

Gu Xiaomin, director of the public prosecution division of the Shanghai People's Procuratorate, said more than half the suspects committed the crime by taking advantage of their positions and their intent is to promote products or obtain money through the transactions. 

Many cases involve employees in online shopping companies passing on financial data obtained from their customers, Gu noted. 

The Pudong prosecution agency had investigated 10 cases involving the leak of more than 20 million items of information, including member information from some shopping Web sites. For example, the information could be leaked by an employee at a shopping platform with access to the company's core database. 

In one case, a suspect known as Xu, the former director of operations for online grocery comppany Yihaodian, said Xu had incited his former colleague known as Peng, to obtain the password for the company's database, which he did with the help of a technician named Miao. 

Between October 2010 and September 2011, Peng had logged onto the database three times and stole nearly 4 million items of client information including their names, mobile phone numbers and addresses, prosecutors said. Most of the stolen information had been passed to sales people wishing to promote products while others were published online. 

"The fact that some data was intentionally leaked by employees shows their lack of social integrity, as well as the loopholes in the confidentiality system of some businesses, such as allowing logging in to the database from a wide area network," Wen Lan, a spokesperson for the Shanghai People's Procuratorate, said in the report. 

China however, has stepped up measures to protect the online personal data of its citizens. The country's police force in June last year was pushing for more regulated and clearly defined parameters on crimes personal data theft, as the existing law makes it tough for law enforcers to convict criminals. The government also set out rules and guidelines which companies must observe when they process personal data in February this year. 

Topics: Security, Privacy, China

Ellyne Phneah

About Ellyne Phneah

Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion