China’s cabinet urges greater cybersecurity after mass data leak

China’s cabinet stressed the need to bolster information security, following a huge leak of personal data that could be the largest cyberattack in the country’s history.

A State Council meeting led by Premier Li Keqiang emphasised the need “to improve security management provisions, raise protection abilities, protect personal information, privacy and commercial confidentiality in accordance with the law”, according to the official Xinhua News Agency. The report didn’t directly reference the hack, and other state media agencies have so far been silent about the incident.

ALSO READ: Hackers claim theft of police info in China’s largest data leak

Earlier this week, unknown hackers claimed to have stolen data on as many as a billion Chinese residents after breaching a Shanghai police database. The purported theft of more than 23 terabytes of information has exposed potential data and security lapses and set the technology industry abuzz.

“China is long overdue for experiencing a breach of this scale,” said Daron Hartvigsen, managing partner at global advisory firm StoneTurn. “Historically, China is often disregarded as a viable target for criminal cyber-exploitation. Threat actors typically focus on targets likely to cave to ransom and extortion demands. It is not clear if this business model will result in similar financial returns in China.”

ALSO READ: Hacker’s record theft claim exposes dangers of China data trove

Questions remain about how the unknown hackers apparently gained access to the trove run by the Ministry of Public Security’s Shanghai branch, which according to online posts included data detailing user activity from most popular Chinese apps, addresses, and phone numbers. A seller had asked for 10 Bitcoin, worth around US$200,000 (RM885,600), in exchange for the data.

President Xi Jinping has long identified data as key for governing and driving Asia’s largest economy. The meeting on Wednesday also discussed the need to investigate and address activities that abuse information and violate the legitimate rights of individuals and enterprises, according to the report. – Bloomberg