chinas cabinet urges greater cyber security after data leak - China's Cabinet urges greater cyber security after data leak

BEIJING (BLOOMBERG) – China’s Cabinet stressed the need to bolster information security, following a huge leak of personal data that could be the largest cyber attack in the country’s history.

A State Council meeting led by Premier Li Keqiang emphasised the need “to improve security management provisions, raise protection abilities, protect personal information, privacy and commercial confidentiality in accordance with the law”, according to the official Xinhua News Agency.

These measures would allow the public and businesses to “operate with a peace of mind”, the report added.

Xinhua didn’t directly reference the breach, and other state media agencies have so far been silent about the incident.

Earlier this week, unknown hackers claimed to have stolen data on as many as a billion Chinese residents after breaching a Shanghai police database.

The purported theft of more than 23 terabytes of information has exposed potential data and security lapses and set the technology industry abuzz.

“The breach has clearly caught the attention of China’s top leadership – and no wonder,” said Ms Kendra Schaefer, a partner at Beijing-based consultancy Trivium China.

“It is particularly embarrassing for a government body to be the source of the largest known data breach in China’s history, particularly at a time when data security has become one of China’s top policy priorities.”

Questions remain about how the unknown hackers apparently gained access to the trove run by the Ministry of Public Security’s Shanghai branch, which according to online posts included data detailing user activity from popular Chinese apps, addresses and phone numbers.

A seller had asked for 10 Bitcoin, worth around US$200,000 (S$280,160), in exchange for the data.

“China is long overdue for experiencing a breach of this scale,” said Mr Daron Hartvigsen, managing partner at global advisory firm StoneTurn.

“Historically, China is often disregarded as a viable target for criminal cyber exploitation. Threat actors typically focus on targets likely to cave to ransom and extortion demands. It is not clear if this business model will result in similar financial returns in China.”

President Xi Jinping has long identified data as key for governing and driving Asia’s largest economy.

The meeting on Wednesday also discussed the need to investigate and address activities that abuse information and violate the legitimate rights of individuals and enterprises, according to the report.