Group 1 - The core viewpoint of the report indicates that data leakage risks are increasing, with a projected total of 41,644 data breach incidents globally by 2025, marking a 10.83% increase from 2024. The financial sector is identified as the most affected industry, with banking risks leading for three consecutive years [1] - The report highlights that illegal institutions are using deceptive tactics to collect personal information, complicating regulatory oversight and increasing consumer litigation costs due to the transient nature of fraudulent links [1] - The report emphasizes the need for improved data security governance in light of the evolving tactics of illegal data trading and the challenges posed by hidden and organized crime [1] Group 2 - The illegal data trading ecosystem is characterized by the emergence of public chat groups that serve as hubs for data transactions, with over 3.6 million pieces of intelligence captured from 1,209 active data trading groups on Telegram in 2025 [2] - Financial data transactions account for over 50% of illegal data trades, with loan-related data being the most sought after, reflecting its high monetization value in the black market [2] - The report notes that the demand for financial user data, particularly loan-related information, remains dominant across various segments, including consumer finance and bank loans [2] Group 3 - The evolution of illegal data trading methods is highlighted, with the introduction of AI for data cleaning and quality control, which aims to enhance conversion rates by filtering out low-quality data [3] - The report indicates that the black market has segmented its operations to cater to different platforms, involving up to 60 financial institutions, thereby complicating the legal landscape for prosecution [3] - Legal experts point out that current laws are inadequate to cover the full spectrum of black market activities, making it difficult to prosecute all participants in the data trading chain [3][7] Group 4 - The report stresses the urgent need for "penetrating" data audits to enhance the security standards and regulatory frameworks for financial institutions in response to the sophisticated operations of illegal data traders [4] - Financial institutions are held to strict data security obligations under the Personal Information Protection Law, and failure to protect data can lead to civil and administrative penalties [6] - The report suggests that financial institutions should implement rigorous ongoing audits of their third-party marketing partners to ensure comprehensive data security [6] Group 5 - The report reveals that the timeliness of leaked consumer finance application data has evolved to an overnight update cycle, indicating the rapid pace of data exploitation [5] - Legal experts emphasize the importance of source disruption in combating illegal data trading, advocating for victims to preserve evidence effectively to support legal actions [9][10] - The report outlines that victims of precision scams need only demonstrate a connection between their data handling on specific platforms and subsequent targeted fraud to establish a legal claim [10]