In Guiyang, a beauty salon’s WeCom account was compromised and used to send illegal solicitation messages to clients. The salon apologized and confirmed the breach.

Social Context

Corporate WeChat accounts fall under China’s ‘Cybersecurity Law’, requiring multi-factor authentication and employee cybersecurity training. Breaches involving illegal content trigger mandatory 24-hour reporting to the Cyberspace Administration—and failure to do so incurs fines up to 1 million RMB under the ‘Data Security Law’.

Safety Tip

Enable hardware security keys and session timeout on all business messaging platforms; conduct quarterly phishing simulation tests with staff.