Baidu, Chinaβs leading search engine giant, has firmly denied allegations of an internal data breach after a controversial incident involving a senior executiveβs teenage daughter.
The company got involved in a data security incident, which prompted significant concerns about personal information safety in Chinaβs digital economy.
On March 20, 2025, Baidu issued an official statement refuting claims that it had experienced an unauthorized data breach after the 13-year-old daughter of Baidu Vice President Xie Guangjun allegedly exposed the personal information of multiple internet users.
Baidu Data Leak -
The incident, which has been characterized as a βdoxingβ attack (known in Chinese as βkaΗhΓ©β or βunboxingβ), reportedly occurred following an online dispute about K-pop star Jang Won-young.
Internet detectives identified the teenager after she inadvertently posted an employment certificate belonging to her father online.
The controversy escalated when the minor reportedly shared sensitive user data, including phone numbers and personal details of a pregnant woman, triggering widespread online outrage.
In its technical assessment of the incident, Baiduβs security team emphasized that all employees and executives are explicitly prohibited from accessing user data by implementing strict access control protocols.
The company claimed the information shared by the teenager originated from illegally obtained βsocial engineering databasesβ on foreign platforms that aggregate stolen private information.
This case demonstrates the increasing sophistication of illegal data scraping operations that can compile comprehensive personal profiles from multiple sources.
Reuters reported that Baidu has initiated formal legal proceedings regarding the circulation of what it terms βfalse information,β particularly allegations that Xie provided his daughter with database access credentials.
The companyβs swift response includes filing a police report and implementing technical countermeasures to prevent similar incidents.
Xie Guangjun, who oversees Baiduβs Intelligent Cloud Business Group (ACG), issued an apology via his personal WeChat account on Monday, asserting that his daughter obtained the information from overseas social networking sites rather than Baiduβs internal systems.
However, at least two victims have reportedly rejected this explanation and filed police reports demanding a public apology.
Following the news, the incident has had immediate financial consequences for Baidu, with shares dropping more than 4% during Hong Kong trading.
China has recently implemented comprehensive data protection regulations aimed at restricting the sharing of private information and combating the proliferation of underground data brokers who traffic in personal details such as birth dates and property ownership records.
The controversy highlights the ongoing challenges major tech companies face in safeguarding user data while maintaining public trust in an increasingly complex digital landscape.