A Chinese software developer obtained more than 1.1 billion items of user information from Alibaba’s popular e-commerce website Taobao over the period of eight months, reported the Wall Street Journal.
Discussing a Chinese court verdict, the WSJ states that the web-crawling software gathered user IDs, mobile-phone numbers and customer comments.
A spokeswoman for Alibaba said no user information was sold to a third party and no economic loss occurred. Upon noticing the infraction, the company informed the police.
While the developer didn’t obtain encrypted information such as passwords, some of the data he scraped, including phone numbers and a portion of usernames, isn’t publicly presented on the website. This type of leak may be more serious in China than it would be in other parts of the world, as real name identification is required to obtain a mobile-phone number.