Case Study: Six-Year Prison Sentence for a Programmer Who Deleted SaaS Data and Its Implications for Data Security
A Shanghai court sentenced programmer He Mou to six years in prison for deliberately deleting all SaaS data of Weimeng, causing an eight‑day outage, over 300 million yuan in losses, and prompting a discussion on on‑premise versus cloud data protection strategies.
Reason for the Data Deletion: Inability to Repay Online Loans and Personal Dissatisfaction
He Mou’s act of deleting the database was driven by personal financial stress and alcohol‑induced frustration, leading to a six‑year prison sentence.
Shanghai Baoshan District People’s Court found that He Mou violated national regulations by deleting data stored in a computer information system, causing especially severe consequences, thereby constituting the crime of destroying computer information systems. He Mou confessed, accepted responsibility, and was sentenced to six years’ imprisonment (effective from February 24 2020 to February 23 2026) and confiscation of the laptop used.
The court applied Article 286 of the Criminal Law, which stipulates five years or more imprisonment for especially serious damage to computer systems.
Incident Review: Direct Losses Exceeding 0.87 Billion Yuan
On February 23 2020, Weimeng’s SaaS platform collapsed, affecting over 300 million users and causing a market value drop of more than HK$1 billion within a day.
The outage lasted eight days and fourteen hours, with full service restored on March 3 2020.
Weimeng later paid a compensation package of 1.5 billion yuan to affected merchants.
Financial statements show a net loss of 5.46 billion yuan in the first half of 2020, of which 0.87 billion yuan is attributed to the SaaS incident.
Data Not Fully Migrated to the Cloud
Weimeng’s post‑incident announcement highlighted shortcomings in data security management and a plan to move data to Tencent Cloud, improve permission grading, and strengthen rapid response capabilities.
The incident revealed that the company’s data were largely not stored in the cloud, or only partially migrated, increasing the risk of total data loss.
Experts note that on‑premise or “pseudo‑cloud” setups make it easier for operators to execute destructive commands such as rm -rf /* or fdisk , whereas full cloud adoption typically provides additional backups and stricter identity verification.
However, some argue that even fully cloud‑based data can be completely erased if proper safeguards are not in place.
Readers are invited to share their views on “full cloud” versus “not full cloud” data strategies.
Top Architect
Top Architect focuses on sharing practical architecture knowledge, covering enterprise, system, website, large‑scale distributed, and high‑availability architectures, plus architecture adjustments using internet technologies. We welcome idea‑driven, sharing‑oriented architects to exchange and learn together.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.