China could learn lessons from America’s massive credit breach

By Katie Kelly Source:Global Times Published: 2017/9/18 18:08:39

Illustration: Chen Xia/GT

Earlier this month, 143 million Americans were shocked to find out that, through no fault of their own, their most confidential information, including social security numbers and credit card data, fell into the hands of hackers.

Equifax, one of the "big three" consumer credit reporting agencies in the US, revealed that their internal company files became accessible to hackers, who were able to siphon off personal consumer data until the breach was finally discovered.

Equifax is responsible for managing the data of 820 million consumers and 91 million businesses worldwide. Considering the breadth and depth of the leaked information, analysts are predicting that the adverse effects of this digital catastrophe may be long-lasting.

Following the disclosure of what has become one of the biggest online security breaches in history, people around the world have been left wondering if their data is really as safe as companies like Equifax, Google and Facebook have led us to believe. We live in a world mediated by technology; every day, we use tech for retail transactions, to chat with friends and even find spouses.

In doing so, we are essentially entrusting our entire lives to the mega-corporations that manage these social and financial platforms. Oftentimes we surrender this information without even fully understanding what data is stored, how it will be used, who has access to it, and - most importantly - what measures will be put in place to ensure that it is kept safe.

Here in China, such concerns are also on the minds of Chinese consumers, as their daily lives too have become increasingly intertwined with technology. According to data from iResearch, the transactions of China's third-party online payment reached 19 trillion yuan ($2.9 trillion) in 2016, soaring 62.2 percent from 2015.

Additionally, Alipay boasts a whopping 520 million users worldwide while WeChat's 2016 data report counts 768 million daily logged-in users; it is estimated that roughly 300 million users have linked their payment information directly to their WeChat account. Clearly, if the financial security of hundreds of millions of Chinese hangs in the balance, more proactive measures should be taken to ensure that they are protected.

Payment apps are not the only services that are potential targets. In 2015, a popular Chinese dating app reportedly came under fire for not using sufficient encryption when transmitting users' personal information. Without encryption, anyone with even a modicum of hacking knowledge was able to intercept the data being transmitted and gain access to the names, ages, interests, locations and contact lists of their reported 2.5 million active users.

If this kind of information were leaked, it could be disastrous for the people involved, as it could be used to stalk or blackmail users. Not to mention the social consequences of the potential release of millions of people's dating history. Keep in mind that, just last year, thousands of Chinese university girls from across the country who had submitted X-rated selfies of themselves (while holding their official China ID card) to illegal money lenders as collateral had all of their photos leaked online; some committed suicides out of sheer shame.

There are already some regulations in China that outline requirements for securing data and consequences for putting consumers' private information at risk. In fact, new cybersecurity legislation put into place in June makes an attempt to further protect individuals and make businesses that store and transmit data more accountable.

But the best course of action now would be to implement an ultra-strict enforcement policy for these regulations. Because, as we have learned from the Equifax credit calamity, once private information is made public it is impossible for it to ever become private again.

It is imperative that China learns a lesson from America's lack of cyber-security and take immediate action to proactively enforce these regulations before there is another major data breach. After all, if you think that millions of Americans having their most personal information stolen is bad, imagine it happening to 1.3 billion people!

The opinions expressed in this article are the author's own and do not necessarily reflect the views of the Global Times.

Posted in: TWOCENTS

blog comments powered by Disqus