CHINA / SOCIETY
Weak email password leads to theft of 2,000 documents containing local military deployment info: China's state secrets protection authority
By Global Times Published: Nov 12, 2025 09:28 AM
Data Security File. MSS issues a statement on its WeChat account on December 1, urging caution over sharing sensitive information online without declassification or risk evaluation. Such information may serve as a major source of open-source intelligence for foreign espionage agencies, which may potentially endanger national security. Photo: VCG

Data Security File. MSS issues a statement on its WeChat account on December 1, urging caution over sharing sensitive information online without declassification or risk evaluation. Such information may serve as a major source of open-source intelligence for foreign espionage agencies, which may potentially endanger national security. Photo: VCG

China's National Administration of State Secrets Protection on Wednesday warned that weak passwords are like "unlocked doors," citing a cyber-espionage case in which a municipal bureau in China had set overly simple credentials for its work email—using the office phone number as the password, resulting in the theft of nearly 2,000 documents.

A simple passcode allows foreign spy agencies to easily access the account. The stolen files included detailed records of local military deployments, the administration said in a report citing China Central Television.  

Officials and supervisors responsible for the breach were held accountable, the report said.

In the report, the administration recalled the Louvre Museum in France, where one of its key system passwords was simply "louvre."

In broad daylight, the Louvre Museum in France fell victim to a "heist of the century." In just seven minutes, eight valuable artifacts were stolen, and the thieves escaped completely unscathed. According to the Paris prosecutor's office, the estimated economic loss from this incident could reach 88 million euros, the report said. 

The administration urged the public to use strong passwords of at least eight characters, including numbers, alphabets and special signs. Work passwords are suggested to be separate with personal ones, and change periodically.

Security can also be improved by enabling fingerprint, facial recognition, or other login methods depending on account sensitivity, the administration said.

It added that if a device is infected with a backdoor or a "Trojan" program, even the strongest password will ultimately fall victim to theft, underscoring the need to install  antivirus software. 

Global Times 
RELATED ARTICLES
US spy chief claims strategy of 'regime change' is over; not a hegemony rethink, nor abandonment of interventionism, say observers

Addressing officials on Friday in the Middle East, the US National Intelligence Director Tulsi Gabbard claimed that America's ...

Australian spy chief accuses China of IP theft and meddling; experts say remarks reflect certain Australian officials’ attempt to mislead public

An Australian spy chief on Tuesday accused Chinese security services of widespread intellectual property theft and political meddling ...