When a Resigned Developer Deletes Company Data: A Real‑World InfoSec Crime Case

In the Chinese IT community, the phrase “删库跑路” (deleting databases and fleeing) has long been a colloquial way for programmers to vent frustration, but recent incidents have turned it into a serious legal issue.

In February of the previous year, a programmer’s few lines of code caused the listed company Weimeng’s market value to drop by over 1 billion CNY in a single day, affecting millions of users. This was one of the most notorious data‑deletion cases in China.

Another striking case involved a former employee, Wu, who worked from December 2018 to September 2020 at Shanghai YunTech Information Technology Co., handling product development, operations, and management. After a labor dispute, Wu decided to delete company data to demand unpaid wages.

In October 2020, Wu exploited a vulnerability in the company’s file‑upload system on the website www.zhuzuolife.com. By running the scripts model-test-1.php and model-test-2.php, he executed the rm command to delete two user‑log files ( user-data.php, user-log.php) and an optimization script ( bihe.php) on a server rented from a cloud provider.

Later, from 24 November to 2 December 2020, Wu used credentials for the company’s Qiniu Cloud server to log in and run a custom test.php program, which rapidly erased more than 27 000 images and 3‑D model files uploaded by users of the “ZhuZuo” app, rendering the app’s interior‑design features unusable.

The company paid 12 000 CNY to Qiniu Cloud for data recovery, and Wu was arrested on 16 December 2020 on suspicion of a major crime. He later compensated the company, obtained the victim’s forgiveness, and received a reduced sentence.

The Shanghai Changning District People’s Procuratorate concluded that Wu’s actions—deleting, modifying, and interfering with data and applications on a computer information system—constituted the crime of destroying computer information systems, punishable under Article 286 of the Criminal Law. Because Wu confessed, pleaded guilty, and cooperated, the court sentenced him to eleven months’ imprisonment.

The judgment cites the relevant legal provisions: Article 286 of the Criminal Law (up to five years’ imprisonment for serious damage, over five years for especially serious damage) and related procedural statutes. The full judgment can be accessed at https://wenshu.court.gov.cn/website/wenshu/181107ANFZ0BXSK4/index.html?docId=a139dcbca18a4c42999fad2b00f46a90.