China recently arrested five individuals in connection with the biggest data-theft case in the country’s history, with more than 3 billion items of user data stolen from 96 internet companies, including industry giants Baidu, Tencent, and Alibaba.
Police in Yuecheng District, Shaoxing City, Zhejiang Province, arrested the suspects for stealing the data and profiting through marketing businesses they established. The criminal group is estimated to have earned more than 30 million yuan ($4.38 million) a year, state-run newspaper Beijing Youth Daily reported on Aug. 20.
One of the suspects was released from custody for reasons of physical well-being. Meanwhile, the group’s leader, identified only by the surname Xing, is a fugitive, China’s state-run media Xinhua reported on Aug. 20.
According to Beijing Youth Daily, many citizens and companies reported to the police that over the past two months, their social media accounts began following unfamiliar accounts or added strangers as “friends.” They also received spam ads, pop-ups, and text messages on their mobile phones.
The police investigated, with technical help from Alibaba, and found that the criminal group stole the data using a publicly listed firm they set up, Ruizhi Huasheng Technology Corp. in Beijing—which, in turn, operated three companies to carry out the scheme.
Since 2014, Ruizhi Huasheng signed marketing contracts with telecoms operators such as China Unicom and China Mobile Tietong in more than 10 provinces and cities in China. Through the deals, the criminal group got the remote login permissions of these companies’ servers.
Having obtained access permission, the criminal group installed malicious programs on the internal servers, which automatically collected key data such as user cookies, search histories, transaction records, travel logs, and hotel check-ins, according to a report by Chinese business news site Yicai. The data was then exported to Ruizhi Huasheng’s multiple servers at home and abroad.
Under the guise of Ruizhi Huasheng’s online marketing business, the group then used the stolen information for advertising purposes on social-media platforms, such as WeChat and microblogging site Weibo, thus earning profits from the data.
During the investigation, the police found the criminal group stored large amounts of data on servers in Japan in order to escape detection. The police also said that the group deleted more than 100 million pieces of other data they had collected, in an attempt to conceal the crime.