Multiple security researchers who analysed the leaked database have said its certification information pointed to it being hosted on AliCloud and that it may have been left unsecured online for months, without a username or password guarding access. — AFP
Questions surrounding Alibaba Group Holding Ltd’s role in China’s largest known cybersecurity breach may fuel Beijing’s resolve to clamp down on domestic tech giants and accelerate a move away from their private cloud services.
Researchers studying the leaked data of close to a billion Chinese residents earlier this month have noticed hallmarks of Alibaba’s cloud service, including the domain name of the hosting service. This week, executives of the company’s cloud division, known as Aliyun, were summoned by Shanghai authorities in relation to that data dump, the Wall Street Journal reported, citing sources familiar with the matter.
