One of China’s largest online shopping platforms, Taobao, may have suffered a massive data breach. Hacking group Babuk has reported the theft of information from 600 million user accounts and over 8 billion orders. The breach exposed personal data including names, phone numbers, addresses and purchase history.

Babuk has put up for sale two archives totaling over 2TB: 600GB in tar.gz format and 1.8TB in CSV files. The sale ad was posted on a darknet hacker forum, although its authenticity is questionable: the post was written in broken English and the number format appears incorrect. Despite this, the threat of a real leak remains significant.

Taobao is owned by Alibaba Group and is the eighth most visited website in China, attracting over 172 million visitors per month. The platform has already faced cyber incidents: in 2020, hackers illegally collected the data of a billion users for marketing purposes.

Babuk ransomware has been operating since 2020 under the RaaS (ransomware-as-a-service) model, that is, selling other attackers access to its attacks. The group is associated with the Russian group Evil Corp. It is known for attacks on large corporations. Its “Big Game Hunting” methodology involves targeted attacks on large players, with the prospect of receiving a large ransom.

Babuk’s claims require additional verification, but the potential data leak from Taobao could have serious consequences for millions of users. The platform and Alibaba Group have not yet provided official comments. Experts recommend that Taobao users change their passwords and be vigilant for possible phishing attacks.