Hackers Steal Discount Vouchers From Pinduoduo

Pinduoduo, the Chinese Nasdaq-listed Internet marketplace that lets consumers get discounts from merchants, announced Sunday (January 20) that an online collective stole tens of millions of yuan worth of discount vouchers.

Reuters, citing Pinduoduo, said the group took advantage of a loophole on the platform to steal the vouchers. The company said the bug was immediately fixed and the incident was reported to the police, reported Reuters. The company’s marketplace enables consumers to group together so they can get a deeper discount on a variety of products from gadgets to clothing.  The news may hurt the reputation of the Chinese startup that in August raised $1.63 billion in the second-biggest U.S. listing of a company from China. Pinduoduo has a valuation of $23.8 billion.

The breach also comes at a time when regulators in China have launched a probe into fake goods being hawked on the Pinduoduo marketplace. A Reuters report from August said that the State Administration for Market Regulation website announced government plans to interview the staff and deal with any illegal practices it uncovered. Some of those include failing to remove fake listings on the marketplace, reported Reuters at the time.

Pinduoduo isn’t the only high-profile company to have to disclose a Chinese-related breach. In October Apple, the Cupertino, California iPhone maker, apologized after hackers were able to steal money from the accounts of Alipay customers in China using Apple IDs. Alipay is one of the leading mobile payment apps in the country. Ant Financial, the payment affiliate of Alibaba and the company behind Alipay, expressed frustration at the time because the issue wasn’t resolved even after the company reached out to Apple. Instead, the companies were forced to tell users with Apple IDs to lower the transaction limits on their accounts to prevent fraud.