More than 538 million Weibo users’ personal details have been put up on a database by hackers, for sale on the dark web for just $238 or CNY 1,799.
Weibo IDs, number of posts, number of followers, gender and location and contact number of about 172 million of the affected users are included in the database.
A few reports say that hackers had breached into the Chinese social media, in the middle of 2019.
After the breach, many users, as well as Alibaba security director Wei Xingguo, posted about their personal details being leaked and that they had been receiving connection requests established on phone number search options. Wei had later deleted his post.
The company had acknowledged the leak but did not act as though it was a big deal, and they had stated that the data had been collected using illegal software. Luo Shiyao, the company’s security director replied to Wei’s post and implied that the phone numbers had been leaked savage force attack while all other details could have been gathered online, quite easily. This post had also been deleted later on, from Weibo.
Experts believe that there are some irregularities when the statements by Weibo were closely looked into. Even though the company said that the data had been drawn out using an API, experts said that data on sales contains details which are usually not spread through APIs.
Contrarily, Weibo announced that a police complaint had been made against the data that had been stolen, and all the relevant authorities had been let known. The company had also advised users to never use passwords that are similar, on different platforms as this will put all their personal details at risk.