Inside the Weimob Data Deletion: Lessons on Permissions and Backup

According to an official announcement from Weimob, the company's business system databases—including primary and standby copies—were deleted by an internal operations staff member. The technical team is working to restore the data, but recovery is progressing slowly. Service for new users has been restored, while data for existing users is expected to be fully recovered by February 28.

Repeated incidents of database deletions underscore the importance for companies to focus on two key areas:

Stricter permission management: Many organizations grant overly broad permissions to operations personnel, increasing the risk of accidental or malicious damage.

More reliable backup mechanisms: Even primary‑standby setups can be deleted; restoring from disk can be time‑consuming.

Technical staff are also reminded to avoid impulsive decisions that could lead to serious consequences.

Below is a screenshot of the official notice:

Dear Weimob merchants, we endured a painful 36‑hour outage. On February 23 at 19:00, system monitoring triggered an alarm indicating a service failure. Investigation revealed extensive cluster unresponsiveness and severe data damage. We immediately activated emergency response and collaborated with Tencent Cloud to devise a recovery plan.

By February 25 at 07:00, both production environment and data restoration were underway. We expect the production environment to be fully restored by February 25 24:00, allowing new users to resume services. Data for existing users, due to longer restoration time, will be recovered by February 28 24:00, with interim solutions provided.

We have traced the malicious activity to a core operations staff member, He, who accessed the internal network via VPN on February 23 at 18:56 and deliberately damaged the production environment. The suspect has been reported to Baoshan District Police and is currently in criminal detention.

Weimob sincerely apologizes for the incident, is preparing compensation plans for affected merchants, and commits to strengthening operational governance and paying closer attention to employee well‑being in remote work settings.