Caixin
Caixin Global – Latest China News & Headlines

Home >

ABOUT US

CX Tech is Caixin Global's real-time tech news portal, featuring 24-hour news, short-form analysis, and roundups from business and tech media in China.

LATEST
Tencent Reportedly Negotiating Risk-Mitigation Measures to Retain U.S. Gaming Investments
Foxconn to Set Up Chipmaking Joint Venture with Yageo
Excluding Chinese Vendors from Indian 5G Trials Will Hold Back Development, Diplomat Says
Alibaba-Backed MYBank Eyes Deeper Penetration Into Under-Banked Rural China
Vivo and Oppo Claim Top Two Spots in China Smartphone Market as Huawei Falls
U.S. Urges TSMC to Prioritize Supplies to American Carmakers Grappling with Global Chip Shortage
Indonesian Ride-Hailing Unicorn Gojek Aims to Go All Electric by 2030
Tencent-Backed Insurtech Firm Waterdrop Aims to Raise up to $360 Million in U.S. IPO
Which Money-Losing Electric-Car Makers Have Tied Up With Huawei?
Video Platform Bilibili to Buy Stake in Mobile-Game Maker CMGE to Boost Content
Baidu to Roll Out Driverless Robotaxis in Beijing in May
Tesla Challenger Nio Shrinks Losses as Sales Surge
Trending in China: A Beijing Bureaucrat Worked as Delivery Driver for a Day and Earned Just $6
Fjord Focus: Why Are Chinese Electric-Car Makers Flocking to Norway?
Alibaba Has Big Plans for Taobao’s Livestreaming Hawking Business
Xiaomi Extends Reign as India’s Smartphone King Despite Slipping Market Share
Self-Driving Truck Startup Plus to Develop Natural Gas-Powered Vehicle With U.S. Engine-Maker
China’s Origin Space Launches Prototype to See How Well It Cleans Up Space Junk
Trending in China: Is Bubble Tea for Tesla Really Such a Bad PR Effort?
TikTok to Set Up European Transparency Center to Ease Data Security Concerns
YTO Express Workers Lease Accounts to Criminals, Compromising 400,000 Users

By Huang Rong and Denise Jia / Nov 18, 2020 06:56 AM / Business & Tech

picture

picture

Five employees at a major Chinese package delivery company leased their internal employee accounts to criminal groups, compromising more than 400,000 users’ personal information.

Police in Handan, Hebei province, arrested three suspects in the criminal groups involved in the data leakage at YTO Express Group Co. The company apologized Tuesday for the leakage and said it will conduct real-time monitoring of internal accounts and actively discover illegal activities. Consequences for the five employees weren’t disclosed.

YTO said its risk control system detected two employee accounts used to check package information that were not related to the employee site, raising red flags at the company’s Shanghai headquarters. Authorities found that five YTO employees leased their accounts for 500 yuan ($76) a day to criminal groups, which then sold YTO users’ information, including names, identification card numbers, phone numbers and addresses, to domestic and overseas telemarketing fraud groups.

This was not the first data breach case involving employees at package delivery companies. In September 2019, police found that six delivery workers at Deppon Logistics Co. Ltd. stole user data and provided it to an e-commerce company. In 2018, police found that two agents at Cainiao Global, the parcel tracking platform of Alibaba Group, installed malware programs on package scanners to steal user information.

Preventing such leaks at package delivery companies requires systematic business transformation, which is difficult for most companies due to capital and technology limits, said a former delivery company employee who was in charge of data security. Many delivery companies have internal security systems, but they are far from effective in practice because many employees have access to user data, the person said.

Contact reporter Denise Jia (huijuanjia@caixin.com) and editor Bob Simison (bobsimison@caixin.com).

Support quality journalism in China. Subscribe to Caixin Global starting at $0.99.

Share this article
Open WeChat and scan the QR code