UK Biobank Health Records Still for Sale on Alibaba, Government Says

The UK science ministry confirmed that new postings of UK Biobank data continue to appear on the Chinese e‑commerce platform Alibaba, despite a takedown effort launched last week. The data set includes health information from 500,000 volunteers who consented to research use under strict privacy safeguards.

Lord Patrick Vallance, the UK science minister, told the House of Lords that the government has engaged Chinese officials to delete the listings quickly. “New listings will emerge – there have been additional listings posted since the government were made aware of the issue last week – and we continue to work with the Chinese government to remove them quickly,” he said.

Vallance identified three Chinese hospitals – Second Xiangya Hospital, China‑Japan Union Hospital and Beijing Chaoyang Hospital – as the institutions linked to the postings. The data is described as “de‑identified,” meaning names, addresses and exact birth dates are omitted. Vallance warned that sophisticated triangulation techniques can still approach re‑identification, a risk highlighted when a journalist previously matched a single participant using only birth date and surgical details.

The breach was first reported after an anonymous whistle‑blower alerted UK Biobank. The charity immediately suspended all data access and requested removal of the listings. No evidence of actual sales has emerged, but the incident marks the latest in a series of at least 30 breaches tracked by Oxford Internet Institute researcher Dr Luc Rocher, including a separate 96,000‑record set uploaded inadvertently by a Yale graduate student.

For participants, the practical takeaway is vigilance: while the probability of personal identification remains low, the incident underscores the limits of de‑identification in large genomic and health databases. Researchers are urged to adopt stricter secure‑environment protocols before granting data access.

Policymakers face pressure to reinforce data‑governance frameworks and to ensure that cross‑border collaborations include enforceable safeguards. The UK government’s ongoing dialogue with Chinese regulators will test the effectiveness of diplomatic channels in curbing illicit data markets.

What to watch next: monitor announcements from UK Biobank on new security measures and any further listings that appear on international platforms.