According to state media reports, Alibaba Group Holding Ltd’s (NYSE:BABA) cloud service Alicloud prevented hacking of 20.9 million active accounts on its database. The cyber-attack triggered 3.7% decline in share prices in the US markets for the ecommerce giant.
According to Alibaba’s statements, Taobao-based attacks were immediately controlled, because users were asked to change passwords ‘in the first instance’ preventing major defraud.
The number of cyber-attacks on Chinese companies has risen in recent months. A large-scale attack in 2015 had seen $1 million in fraudulent overseas sales on the B2B portal alibaba.com.
It was a major scandal for the Chinese e-retailer as hackers’ first ‘spear-phished’ a prominent seller on the platform, defrauded foreign market buyers. When promised good failed to be delivered, 1,700 complaints were filed in August 2015, against Alibaba Group Holding Ltd (NYSE:BABA).
In search of Active User Account
The attempt to access AliCloud was purportedly aimed at locating large number of active users on Chinese ebay, Taobao. The hackers had apparently gained access to 99 million user databases of Chinese users from various websites. However, they needed only active accounts and were hence matching user name and passwords when Alibaba Group Holding Ltd (NYSE:BABA) AliCloud’s security walls caught the ‘automated’ nature of the logins.
Hackers intended to sell the authentic accounts to scammers.
As Chinese ecommerce sites proliferate, there is big market for active user accounts. Fake sellers use them to boost their sale ratings and lure unsuspecting customers.
A ministry of Public Security, on its website, reported that the hackers had obtained 99 million usernames and passwords from different websites.
Same username and password
In October, media reports said, hackers had begun to match the passwords and user names from the different websites on Taobaos, via AliCloud. It was found that nearly 15% to 20% of the users used the same passwords for multiple accounts, thereby allowing hackers to gain access. However, by November, Alibaba Group Holding Ltd (NYSE:BABA) group had found out about the attacks and immediately altered police, and simultaneously blocking such accounts until users changed their passwords.