UK Biobank Data Leaked, Found on Chinese E-commerce Site

/MEDIUM
Written by SCW Research Research & Analysis
SCW threat-inteldata-breachgovernment
UK Biobank Data Leaked, Found on Chinese E-commerce Site

The Record by Recorded Future reports that sensitive medical data belonging to 500,000 British citizens was found listed for sale on Alibaba. The data, held by the UK Biobank charity, includes genetic sequences, blood samples, medical scans, and lifestyle information. While intended for research under strict legal contracts, the data was advertised in multiple listings, with at least one potentially containing information from all 500,000 volunteers. The listings were reportedly removed with the cooperation of Chinese authorities and Alibaba before any sales occurred.

Three research institutions have been identified as the source of the data posting. Their access has been revoked, and UK Biobank is pausing further data access pending strengthened security measures. The UK government confirmed this was not a direct leak from Biobank but a ‘legitimate download’ by an accredited organization that subsequently mishandled the data. This incident highlights the persistent risks associated with large, sensitive datasets, even when de-identified.

What This Means For You

  • If your organization handles sensitive personal or genetic data, audit your access control and data handling policies immediately. Review download and sharing protocols for research data, especially when shared with external institutions. Ensure all data access agreements have robust security and accountability clauses, and verify the security posture of any third-party researchers or institutions granted access.
🛡️ Am I exposed to this? Check if UK Biobank impacts your environment — get SIEM detection rules instantly

🛡️ Detection Rules

3 rules · 6 SIEM formats

3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

critical T1537 Impact

UK Biobank Data Listed for Sale on Alibaba

Sigma YAML — free preview
✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Get rules for your SIEM →

Written by SCW Research

Take action on this incident
📡 Monitor ukbiobank.org Free · 1 watchlist slot · instant alerts on new breaches 🔍 Threat intel on UK Biobank All breaches, IOCs & vendor exposure

Related Posts

Bitwarden CLI Compromised in Checkmarx Supply Chain Attack

The Hacker News reports that the Bitwarden command-line interface (CLI) has been compromised. This incident is part of an ongoing supply chain campaign initially identified...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

House Republicans Unveil Federal Data Privacy Bill, Threatening State Laws

House Republicans have introduced the SECURE Data Act, a federal data privacy bill that, if passed, would override existing state-level data protection measures. The proposed...

threat-inteldata-breachgovernment
/SCW Research /MEDIUM

Supply Chain Exploits & DeFi Hacks: Old Bugs, New Targets

The cybersecurity landscape continues to see a troubling recurrence of familiar vulnerabilities, despite their long-standing presence. According to The Hacker News, incidents frequently surface that...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs