The fallout from Alibaba’s huge data breach

Chinese tech giant Alibaba is at the centre of a huge data-breach scandal – and the clampdown on the sector could now intensify.

Jack Ma of Alibaba
Alibaba founder Jack Ma was an early evangelist for using data in policing
(Image credit: © Wang HE/Getty Images)

Chinese e-commerce giant Alibaba Group Holdings has been hit by “what appears to be one of the biggest data breaches in history”, says Cissy Zhou in Nikkei Asia. Its shares fell by 6% last Friday after executives were called in by the Shanghai police to be questioned about the affair.

The problem began a fortnight ago when a hacker offered to sell online records from the Shanghai police database. He said he had “information about one billion Chinese citizens” and posted a sample of 750,000 records. The Chinese authorities are furious that the data, which reportedly contains “names, ID numbers, phone numbers, addresses, criminal records and even online orders” appears to have been stolen from a server hosted by Alibaba.

The leak is particularly embarrassing for Alibaba given that founder Jack Ma “was an early evangelist of the use of data in policing and social control”, says Karen Hao in the Wall Street Journal. Indeed, Ma’s claims that Big Data “would help the public security agencies track down thieves and predict terrorist attacks” has helped Alibaba become “the biggest public cloud-service provider in China”.

Subscribe to MoneyWeek

Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE

Get 6 issues free

Sign up to Money Morning

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Sign up

But this relationship has not always been smooth. The ministry in charge of technology suspended a cybersecurity partnership with Alibaba’s cloud-computing unit last December after Beijing alleged the company “failed to report a global software vulnerability to it in a timely manner.”

Was it the government’s fault?

Still, it looks like Alibaba is being made a “scapegoat” for the Chinese government’s failings, especially its “astonishing lack of cybersecurity caution despite its own user data protection mandate”, says Yawen Chen on Breakingviews.

It seems that in this case the government left the data “sitting around without a password”, which means that “anyone could have accessed [it] if they knew the web address”. However, even if Alibaba wasn’t at fault, this may not matter, as the scandal could dent other clients’ confidence, “especially those from the public sector”.

Alibaba isn’t the only firm worried about the fallout, say Sarah Zheng and Coco Liu on Bloomberg. This episode may only “fuel Beijing’s resolve to clamp down on domestic tech giants and accelerate a move away from their private cloud services”. Such a migration is already under way, with the ongoing crackdown on “formerly high-flying tech giants” nudging risk-averse institutions toward state-owned providers.

Technology firms are now also likely to be affected by a new Chinese competition law, says Lex in the Financial Times. The law, which comes into force in August and requires Chinese companies with global sales of $1.8bn to receive government approval before merging, doesn’t target the technology sector specifically, but it will have an “outsized impact” on the industry. Before the pandemic and the clampdown, Alibaba and Tencent “accounted for nearly half of all venture-capital flow for acquisitions in mainland China”.

Dr Matthew Partridge

Matthew graduated from the University of Durham in 2004; he then gained an MSc, followed by a PhD at the London School of Economics.

He has previously written for a wide range of publications, including the Guardian and the Economist, and also helped to run a newsletter on terrorism. He has spent time at Lehman Brothers, Citigroup and the consultancy Lombard Street Research.

Matthew is the author of Superinvestors: Lessons from the greatest investors in history, published by Harriman House, which has been translated into several languages. His second book, Investing Explained: The Accessible Guide to Building an Investment Portfolio, is published by Kogan Page.

As senior writer, he writes the shares and politics & economics pages, as well as weekly Blowing It and Great Frauds in History columns He also writes a fortnightly reviews page and trading tips, as well as regular cover stories and multi-page investment focus features.

Follow Matthew on Twitter: @DrMatthewPartri