Wednesday, June 24, 2026

Valyrian News Network

Understanding, Automated

Crime Technology

Four Arrested in Shanghai Doxxing and Stalking Scheme

Valyrian News Network 4 min read

Four Arrested in Shanghai Doxxing and Stalking Scheme

Shanghai police have dismantled a criminal ring that masqueraded as a missing person search service while secretly running a doxxing, stalking, and personal data trafficking operation. Four suspects were arrested by the Huangpu District Public Security Bureau for what authorities describe as a sophisticated six-month scheme that handled over 2,000 orders and generated more than 300,000 RMB (approximately $41,500 USD) in illegal proceeds.

According to The Paper, the group operated from October 2025 to April 2026 under the guise of “helping find missing persons” on social media platforms. In reality, they were illegally purchasing and reselling citizens’ personal information, and for higher-paying clients, providing physical surveillance services including stakeouts and GPS tracking.

The Operation

The ringleader, identified as Zhang (张某), used encrypted communication software to purchase personal data from upstream channels — likely operators of “social engineering databases” (社工库) that aggregate leaked or illegally obtained personal information. Three front-end operators — Hua (华某某), Li (李某某), and Zhou (周某某) — managed social media accounts that attracted clients under the pretense of locating missing individuals, handling inquiries and pricing.

The personal information sold by the group covered a wide range of data, including identity documents, financial records, marital status, property holdings, and real-time location tracking. Individual data entries were priced from tens to thousands of RMB, depending on the sensitivity and depth of the information.

Beyond online data sales, the group offered offline “value-added” services that marked a significant escalation in privacy invasion. For clients willing to pay tens of thousands of RMB per order, the gang would travel to target cities, conduct multi-day stakeouts, document daily routines and vehicle license plates, and even install GPS tracking devices on vehicles.

Who Was Buying?

The client base revealed a troubling diversity of motivations. According to the police investigation, the largest group of buyers were individuals in marital or relationship disputes seeking to verify their spouse’s whereabouts. Private debt collectors formed the second-largest client segment. Some ordinary citizens placed orders hoping to find lost classmates or old friends. Most disturbingly, some netizens used purchased personal information to threaten “doxxing” — known in Chinese as “开盒” (literally “opening the box”) — against others during online arguments.

The arrests come amid a nationwide crackdown on doxxing and personal information crimes in China. In March 2026, both the Supreme People’s Court and the Supreme People’s Procuratorate specifically named “开盒” in their annual work reports at the National People’s Congress, signaling a top-down enforcement priority. As CCTV News reported, experts noted that doxxing governance has shifted from partial measures to comprehensive, full-chain management.

In April 2026, the Cyberspace Administration of China, Ministry of Industry and Information Technology, and Ministry of Public Security jointly launched a year-long special campaign targeting illegal collection and use of personal information across apps, SDKs, and key sectors including finance, healthcare, education, and transportation.

Charges and Investigation

The four suspects have been charged with “Crime of Infringing on Citizens’ Personal Information” (侵犯公民个人信息罪) under Article 253 of China’s Criminal Law. They remain in criminal detention as the investigation continues. The case was uncovered by the Shanghai Public Security Bureau’s Cybersecurity Division and investigated by the Huangpu District bureau.

Analysis and Implications

This case illustrates the evolving sophistication of privacy-invasive criminal enterprises in China. The combination of online data trafficking with offline physical surveillance represents a dangerous business model innovation that blurs the line between cybercrime and traditional stalking.

The scale of the operation — over 2,000 orders in just six months — suggests a thriving black market for personal data in China, driven by demand from relationship disputes, debt collection, and online harassment. The case also raises important questions about the upstream suppliers of personal data and whether social media platforms bear responsibility for hosting accounts that advertise illegal services.

What to Watch For

As the investigation proceeds, key questions remain: Will authorities pursue the upstream data suppliers who provided the personal information? Will any of the 2,000+ clients face charges for purchasing illegally obtained data? And how will social media platforms respond to the misuse of their services for advertising doxxing operations?

The case is likely to serve as a reference for future prosecutions of hybrid online-offline privacy crimes, potentially shaping enforcement approaches across China as authorities continue their nationwide push against doxxing and personal information violations.