Zhilian Zhaopin, one of the top job recruitment sites in China, has released evidence at a Beijing trial showing that as many as 160,000 personal resumes uploaded onto its site were allegedly stolen and leaked for around 5 yuan (70 US cents) apiece, according to a Sina report.
Following the evidence being heard at court, Zhilian said in a statement on Tuesday night that user data is the company's "lifeblood" and reaffirmed that protection of user information is its core responsibility.
"Zhilian will not tolerate illegal activities of information fraud and personal information violations," the Chinese company said, adding that it would investigate and crack down on these activities resolutely.
The company first reported the case to police in June 2018 as it found users' information had been traded on Taobao, Alibaba's e-commerce website, Zhilian said in the statement. Two staff from the Zhilian's Shanghai bureau were then arrested by police two months later in August.
The two Zhilian staff allegedly helped a person surnamed Zheng obtain corporate member accounts on the website, in violation of the company's rules, which allowed the latter to get access to around 160,000 users' data and trade them for profit illegally.
See also: These hackers broke into 10 telecoms companies to steal customers' phone records (ZDNet Special Feature)
Since June 2018, Zhilian has added more resources to its compliance departments and carried out self-examination and self-correction activities within the company, according to its statement. Zhilian also added that it has made information security upgrades, procured a third-party fraud information database, created an online customer security risk assessment system, and audited all corporate accounts that posted jobs on its website, in a bid to catch any abnormal behaviour to stop any potential leak in its tracks.
Zhilian, whose monthly active users reached 6.8 million at the end of January this year, is the second largest online recruiting platform in China, trailing behind only 51job.com whose monthly active user base has exceeded 10 million, according to an iiMedia Research note.
Data leaks are a serious issue in China, where local companies leaked a whopping 590 million resumes in the first three months of 2019.
Last month, an exposed database belonging to Shanghai Jiao Tong University exposed 8.4TB in email metadata after failing to implement basic authentication. Meanwhile, Chinese AI company SenseNets left its facial recognition databases open on the internet for months, which was used by the government to track the Uyghur Muslim population in the Xinjiang region, according to a report in February.
MORE DATA BREACH COVERAGE:
- Chinese police investigating major security breach of hotel group
- 8.4TB in email metadata exposed in university data leak
- Indian govt agency left details of millions of pregnant women exposed online
- Bithumb cryptocurrency exchange hacked a third time in two years
- Card breach reported at Buca di Beppo, Planet Hollywood, and other restaurants
- Over 540 million Facebook records found on exposed AWS servers
- Over 13K iSCSI storage clusters left exposed online without a password
- WordPress iOS app leaked authentication tokens
- Facebook passwords by the hundreds of millions sat exposed in plain text (CNET)
- Facebook data privacy scandal: A cheat sheet (TechRepublic)