
UK Biobank Data Surfaces for Sale on Alibaba Amid Security Probe


"With support from both the U.K. and Chinese governments, Alibaba swiftly removed these listings, and we were advised that no sales had been made." — UK Biobank

What appeared on Alibaba

UK Biobank said a vendor listing on Alibaba, a Chinese e-commerce site, included de-identified participant data that the organization had earlier shared with researchers at three unnamed academic institutions. The U.K. dataset, which UK Biobank describes as a comprehensive collection of biological, health and lifestyle information, includes genomic data, health records, medical imaging data and "an array of other sensitive health information." UK Biobank told the government the material listed did not contain participants’ names, addresses, contact details or telephone numbers.

UK Biobank's containment measures

UK Biobank said it discovered the listing and notified the government on April 20. In an April 23 statement it said the listings had been found the week before. The organization suspended access for the three academic institutions and "the individuals involved" while it conducts a forensic investigation.

UK Biobank also said it instituted "a strict limit on the size of files that can be taken off the platform." The new control, the organization explained, will allow researchers to export research results but will limit their ability to download participant data. It reiterated that researchers are required to do their research on its "restricted, cloud-based research platform hosted in the U.K. data."

The U.K. government, Chinese officials, and Alibaba

British officials said the incident did not appear to involve a cyberattack. The U.K. government told reporters it is working with Chinese officials to remove the listings from Alibaba. UK Biobank reported that with support from both governments Alibaba removed the listings and that it had been "advised that no sales had been made."

Separately, The Guardian reported that additional health records had been listed on Alibaba and that officials are "braced" for the possibility of more leaks.

Reaction in the House of Lords

Parliamentary figures discussed the incident in the House of Lords. Conservative peer Nick Markham said that one of the data sets appeared to contain data from all 500,000 volunteers in the long-term study. Labour peer John Reid described the incident as not a cyberattack but warned that changing behavioral aspects alone would be insufficient.

Reid said, "it will require a range of cultural, behavioral and technical effects to try to minimize the chances of this happening again," emphasizing that a mix of remedies will be necessary if future exposure is to be prevented.

How researchers, volunteers, and the U.K. government are responding

  • Researchers and academic institutions: Access for the three unnamed institutions and involved individuals has been suspended and their prior contractual permissions are being treated as breached, according to UK Biobank. The organization is limiting data exports and requiring use of its restricted, cloud-based research environment.
  • Volunteers and participants: UK Biobank emphasized the listings contained de-identified information and did not include names, addresses, contact details or telephone numbers; however, Conservative peer Nick Markham said in the House of Lords that one of the data sets appeared to contain data from all 500,000 volunteers.
  • The U.K. government and Chinese officials: The government engaged Chinese counterparts to have the listings removed; Alibaba removed the listings, and UK Biobank said it had been advised that no sales had been made.

This episode leaves several concrete steps in motion: a forensic investigation by UK Biobank, suspended access for implicated researchers and institutions, new technical limits on data export, and diplomatic engagement to take down online listings. The Guardian's reporting that additional records appeared on Alibaba and that officials are "braced" for more leaks frames the incident as ongoing rather than closed. The core factual ledger is therefore simple and stark — de-identified records from a major volunteer dataset were found listed for sale, the listings were removed with government assistance, access was suspended, and an investigation is underway.
