One of China's largest web companies suffered a massive hacking attack last year, its owner said Thursday. Hackers managed to gain access to 20.59 million user accounts on Taobao.
The attack on China's largest marketplace happened in October last year, where criminals managed to obtain a database of 99 million usernames and passwords for Taobao, according to Reuters.
They then started putting in the names and passwords into the site, and discovered 20.59 million were active user accounts with matching passwords.
Taobao's owner, world's largest e-commerce firm Alibaba, said Thursday the company caught the attack and blocked the majority of log-in attempts, then reported it to the police. It did not reveal what losses were suffered by affected users.
Taobao is the 12th most popular site in the world, and ranks third in China. It has an estimated 265 million registered users, and is China's equivalent of eBay.
In November last year, it broke (its own) record during the annual Singles' Day shopping event, netting a massive $9.3 billion in sales on the day.
Chinese publication The Paper explained that the hackers were keen to obtain the log-ins in order to sell accounts to scammers. Fraudulent accounts can be used to fake orders on the site to raise sellers' rankings, a practice known as "brushing."
The police in China reportedly held a press conference earlier this week detailing the attack, which resulted in 25 suspects arrested in relation to the case.
The police said Alibaba also suffered a large attack last year on its business-to-business trading platform, Alibaba.com. Hackers were able to gain control of a prominent seller's account, which resulted in them defrauding an estimated 1,700 overseas clients of some $1 million in sales.