An Alibaba spokesman did not give any confirmation about the total number of accounts that had been accessed, or say what data had been compromised.
Advertisement
In recent years, cyber-attacks in the world’s second largest economy has risen at an increasing rate. The hackers found that 20.59 million matched exact details of users on Taobao accounts, according to Reuters, citing a report on the Ministry of Public Security’s website.
Using a database of 99 million usernames and passwords from different websites they obtained, the hackers used Alibaba’s cloud computing platform to input the details into Taobao.
Owner Alibaba advised customers to change their passwords, and Chinese police have now made arrests in connection with the attempted hack.
The cyberattack began in mid-October and was discovered by Alibaba in November. The hackers likewise sold records to be utilized for fraud, the newspaper said.
Alibaba said it protected the vast majority of those Taobao accounts by blocking hackers’ access attempts, but some attacks on a small number of accounts weren’t intercepted. But a spokesperson for Alibaba has denied that report, saying the hackers had used outside software to attack the site instead of Alibaba’s cloud service.
“This incident involved suspects using account login information stolen from other websites to attempt to match with Taobao accounts”. He further highlighted that Alibaba’s structure is solid and can never be breached.
Advertisement
The Chinese newspaper stated that the hackers utilized bargained records to fake requests on Taobao, a practice known as “brushing” in China and used to raise vendors’ rankings.
