Why a Programmer Deleted 300M Users' Data – Lessons on Cloud Security

Case Background

In February 2020, a programmer named He, motivated by personal debt and alcohol‑induced frustration, accessed his company's VPN and deleted all data stored on Weimeng's servers, causing the SaaS platform to collapse and affecting more than 300 million users.

The outage lasted eight days, with full service restored only on March 3, and the incident resulted in a direct financial loss of over RMB 22.6 million for the company.

Legal Judgment

The Shanghai Baoshan District People's Court found He guilty of "destroying computer information systems" and sentenced him to six years in prison, confiscating his laptop as evidence. The court cited the "especially serious" consequences of his actions, referencing Article 286 of the Criminal Law, which mandates five years or more imprisonment for severe damage to computer systems.

Impact on Weimeng

The sabotage caused the company's market value to drop by more than HK$1 billion within a day and led to a compensation plan of RMB 150 million for affected merchants.

Weimeng's 2020 first‑half financial report recorded a net loss of RMB 5.46 billion, of which RMB 0.87 billion was attributed to the SaaS data‑destruction incident.

Data‑Security Reflections

Weimeng acknowledged shortcomings in its data‑security management and announced a plan to migrate data to Tencent Cloud, implement tiered permission controls, and improve incident‑response capabilities.

The case highlights the risks of insufficient cloud adoption, where data stored on-premises or on “pseudo‑cloud” setups are more vulnerable to insider attacks.

Discussion on Cloud Adoption

Experts note that fully migrating to cloud services can provide additional backups and stricter identity verification, reducing the likelihood of total data loss.

However, some argue that even in the cloud, data can be completely erased if proper safeguards are not in place.