Hackers attack 20 mln accounts on Alibaba's Taobao shopping site

Date

2/4/2016 11:10:56 PM

(MENAFN- The Peninsula)

Beijing: Hackers in China attempted to access over 20 million active accounts on Alibaba Group Holding Ltd's Taobao e-commerce website using Alibaba's own cloud computing service according to a state media report posted on the Internet regulator's website.

Analysts said the report from The Paper led to the price of Alibaba's US-listed shares falling as much as 3.7 percent in late Wednesday trade.

An Alibaba spokesman on Thursday said the company detected the attack in "the first instance" reminded users to change passwords and worked closely with the police investigation.

Chinese companies are grappling a sharp rise in the number of cyber attacks and cyber security experts say firms have a long way to go before defences catch up to U.S. counterparts.

In the latest case hackers obtained a database of 99 million usernames and passwords from a number of websites according to a separate report on a website managed by the Ministry of Public Security.

The hackers then used Alibaba's cloud computing platform to input the details into Taobao. Of the 99 million usernames they found 20.59 million were also being used for Taobao accounts the ministry website said.

The hackers started inputting the details into Taobao in mid-October and were discovered in November at which time Alibaba immediately reported the case to police the ministry website said. The hackers have since been caught it said.

Alibaba's systems discovered and blocked the vast majority of log-in attempts according to the ministry website.

The hackers used compromised accounts to fake orders on Taobao a practice known as "brushing" in China and used to raise sellers' rankings the newspaper said. The hackers also sold accounts to be used for fraud it said.

Alibaba's spokesman declined to comment on how the hackers were able to use its cloud computing service for the attack. He said they could have used any such service and that the attack was not made possible by loopholes in Alibaba's platform.

"Alibaba's system was never breached" the spokesman said.

Reuters

Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.