Taobao

In 2012, Taobao, a prominent Chinese e-commerce platform, experienced a significant data breach affecting approximately 21 million user accounts. The compromised data included email addresses and plain text passwords, which posed substantial security risks for the affected users. ​ The breach was orchestrated by a developer working for an affiliate marketer, who created crawler software to scrape customer data, including usernames and mobile numbers, over an eight-month period. Both the developer and his employer were subsequently sentenced to three years in prison for their involvement. ​ In response to the breach, Taobao stated that it devoted substantial resources to combat unauthorized scraping and proactively addressed the issue. The company also pledged to continue working with law enforcement to protect its users and partners. ​

Data Included in the Breach