View all Articles
Commentary By Christos A. Makridis

What Every CEO Needs To Know About the Shanghai Data Breach

The Shanghai data breach is perhaps the largest data loss in the world and corporate security and privacy officers are still debating its lessons.

Here’s what happened: The Shanghai police amassed a huge database of personal identifying information, known in the trade as “PII,” and failed to secure it. The database included details on, seemingly, hundreds of millions of people. The purloined personal data included information on Chinese citizens, foreigners living in China, and even on tourists just passing through Shanghai over the past several years. Soon, 23 terabytes of sensitive information — including names, birthplaces, national ID and passport numbers, home addresses, criminal records, and even the contents of food deliveries –was scooped up and offered for sale at the price of 10 bitcoin (roughly $215,000).

Continue reading the entire piece here at


Christos A. Makridis is an adjunct scholar at the Manhattan Institute. He is also a research professor at Arizona State University and the chief technology officer and head of research of Living Opera, an arts and education technology startup.

This piece originally appeared in