• Those who are caught selling stolen personal data in China could serve seven years in jail.

Those who are caught selling stolen personal data in China could serve seven years in jail. (Photo : Reuters)

Non-medical data of more than 200,000 children in Shandong Province have been stolen, leading panic-stricken parents to believe that a possible illegal data trade-off might be on the table.

Personal details, including names, contact numbers and addresses, belonging to patients in Jinan, East China's Shandong Province, have been leaked and are now being sold for 32,000 yuan or $4,900, the Global Times said, citing a Qilu Evening News report.

Like Us on Facebook

The patients are all children who received services at unnamed hospitals in China.

"The data of newborn babies in Beijing, including 40,000 babies born since 2016, could be bought for 0.2 yuan per baby," according to the Global Times.

Raising more terror among parents is the accuracy of the illegally obtained data. Qilu Evening News managed to gather a sample data list of 29 children whose personal information got stolen. More than 60 percent of the information on the list proved to be accurate, after the newspaper called the children's families using the acquired contact numbers.

"Parents also complained that they have received many fraudulent calls, guessing that their information might have [been] leaked when their children were vaccinated at local hospitals," said the Global Times.

The families are not ruling out the possibility of extortion and kidnapping arising from the data theft.

China University of Political Science and Law's Zhu Wei said in an interview with the news website that both cyber-thieves and government workers conniving with sellers could be behind the crime.

He also said that unreliable data supervision from the government is one of the factors why criminals are unafraid to illegally acquire confidential information.

According to China Criminal Law Article 253, those who are caught selling these types of data could serve a maximum of seven years in jail.

This is not the first time non-medical data were stolen from hospitals. In 2014, U.S.-based Community Health Systems Inc. suffered a cyber theft from China, where personal details, including social security numbers, of 4.5 million patients were acquired illegally, according to Reuters.