How a Chinese Hacker Tried To Blackmail Me

What's to come?
Feb. 7 2013 1:29 PM

The Ultimate Invasion of Privacy

How a Chinese hacker used my private nickname, personal emails, and sensitive documents to try to blackmail me.

Man looking at a computer.
It’s one thing to tell yourself you have nothing to hide; it’s another to surrender all privacy to a hostile intruder

Photo by iStockphoto/Thinkstock

This article originally appeared on Zócalo Public Square.

In 2007, I opened an email from an unknown sender. The message greeted me by a nickname known only to family and close friends. I was in Shanghai, unwinding late at night after a long day, pleased to be contacted by someone familiar from across the Pacific. I figured someone close to me must have gotten a new email address. But the note was signed “Eric.” I did not know an Eric.

The message was friendly and chatty, with several attachments, and it contained a proposal: I could pay 1 million renminbi (about $150,000 at the time), in exchange for which the sender would not forward the attachments to my business partners or competitors. It took me a second—in that out-of-body, as-if-movie-watching state we go to when totally disoriented—to digest what was happening. This was no friendly email from the home front, no business proposition in any traditional sense. This was blackmail, or extortion, or some other noun that I would never associate with my life.


Last week, I read of the infiltration of the New York Times and other media by Chinese hackers, and I can imagine how Times staffers must be feeling. It brought back all too vividly the violation-induced nausea of my own experience with China’s hacker army.

At the time, I was the chairman of a company that was building shopping centers in China. The company was a partnership of three entities: a major U.S. bank, a Chinese state-owned enterprise, and my firm. We were building centers in third- and fourth-tier cities. The anchor tenant was a multinational hypermarket. Nearly all the employees were Chinese. It was an exhilarating adventure for me, but it was of little consequence politically. The enterprise was building Chinese shopping centers in Chinese cities for Chinese consumers.

Even so, all of our Internet activity was monitored. There was a small modem-like device attached to the primary server in our computer room. It was not terribly clandestine. We were told that the “government” would be restricting access to international news sites and various Chinese sites.

Our Chinese employees were used to this sort of thing. But for my American colleagues and me, the monitoring was a novelty. Although most international sites were accessible, certain stories on news websites were blacked out. When the power or the Internet would go down, we would promptly get a phone call from China Telecom, our service provider. They were on a friendly, first-name basis with our Shanghainese-speaking IT guy. “What’s up?” they’d ask. “Why are you offline?” They feared we would just disconnect the monitoring device, and they wanted to let us know they were paying attention. But I didn’t have anything to hide, so I didn’t give it much more thought.

I looked at the documents that were attached to the blackmail request. There were operating budgets and business plans. There were confidential memos to the senior management of my financial partner, written at their request, reviewing the progress of their projects. There were memos critical of staff. There were emails between my own team and me exchanging casual commentary on people and places, frustrations and triumphs. Perfectly appropriate for private consumption but not for public consumption. Then there were emails from my personal account. Some concerned the troubled life of my recently deceased mother.

It’s one thing to tell yourself you have nothing to hide; it’s another to surrender all privacy to a hostile intruder. And if Eric had these documents, what else did he have? What else did he know? What else was there to know? Who was doing this? Why? What did other people already know? Was there anything about me they didn’t know, or couldn’t misconstrue to their advantage? The intrusion was like a digital cancer that could expand ad infinitum, nourishing itself on every link and attachment and contact address, jeopardizing the privacy of others as well as my own.


Justice Ginsburg’s Crucial Dissent in the Texas Voter ID Case

The Jarring Experience of Watching White Americans Speak Frankly About Race

How Facebook’s New Feature Could Come in Handy During a Disaster

The Most Ingenious Teaching Device Ever Invented

Sprawl, Decadence, and Environmental Ruin in Nevada

View From Chicago

You Should Be Able to Sell Your Kidney

Or at least trade it for something.

Space: The Next Generation

An All-Female Mission to Mars

As a NASA guinea pig, I verified that women would be cheaper to launch than men.

Terrorism, Immigration, and Ebola Are Combining Into a Supercluster of Anxiety

The Legal Loophole That Allows Microsoft to Seize Assets and Shut Down Companies

  News & Politics
Oct. 19 2014 1:05 PM Dawn Patrol Justice Ruth Bader Ginsburg’s critically important 5 a.m. wake-up call on voting rights.
Business Insider
Oct. 19 2014 11:40 AM Pot-Infused Halloween Candy Is a Worry in Colorado
Oct. 17 2014 5:26 PM Judge Begrudgingly Strikes Down Wyoming’s Gay Marriage Ban
  Double X
The XX Factor
Oct. 17 2014 4:23 PM A Former FBI Agent On Why It’s So Hard to Prosecute Gamergate Trolls
  Slate Plus
Tv Club
Oct. 20 2014 7:15 AM The Slate Doctor Who Podcast: Episode 9 A spoiler-filled discussion of "Flatline."
Brow Beat
Oct. 20 2014 8:32 AM Marvel’s Civil War Is a Far-Right Paranoid Fantasy—and a Mess. Can the Movies Fix It?
Future Tense
Oct. 17 2014 6:05 PM There Is No Better Use For Drones Than Star Wars Reenactments
  Health & Science
Bad Astronomy
Oct. 20 2014 7:00 AM Gallery: The Red Planet and the Comet
Sports Nut
Oct. 16 2014 2:03 PM Oh What a Relief It Is How the rise of the bullpen has changed baseball.