Medical data of half a million British volunteers put up for sale on Chinese website, says UK govt

Medical data from UK Biobank volunteers appeared for sale on a Chinese website.

April 23, 2026 23:22 IST

Image used for representational purpose. (Picture credit: Canva)

The confidential health data of around 500,000 British volunteers linked to UK Biobank appeared for sale on the Chinese e-commerce platform Alibaba, said UK government on Thursday.

UK Technology Minister Ian Murray told Parliament that three listings offering Biobank data surfaced online last week. Authorities removed the listings before any purchase occurred. Officials said the datasets appeared to include information from the entire pool of 500,000 participants.

The Biobank project holds some of the world’s most detailed health information. It includes genome sequences, brain scans, blood samples, and diagnostic records. Scientists from universities and private firms can apply to access this data for research, reported The Guardian.

Details of incident

Murray said the data was not stolen through a cyberattack. Instead, an accredited research organisation legally downloaded the data and later misused it. “This was not a leak. This was a legitimate download by a legitimately accredited organisation,” he told lawmakers.

The data offered for sale was “de-identified.” It did not include names, addresses, or exact birth dates. However, experts warn that such data can still pose risks if combined with other information.

US expert flags crisis after H-1B applicant gets August 2027 visa slot despite putting effort at 3.30 am

Until late 2024, approved researchers could download Biobank data directly to their own systems. Security experts had raised concerns about this practice for years. They warned that control becomes difficult once data leaves the central system.

In response to the incident, the government asked Biobank to pause all further data access. Officials also directed the organisation to introduce stronger technical safeguards. “We have asked that the Biobank charity pause further access to its data until they have put in place a technical solution,” Murray said.

Actions taken

Authorities worked with Alibaba and Chinese officials to remove the listings. Murray thanked the Chinese government for acting quickly. “I want to thank the Chinese government for the speed and seriousness with which they worked with us,” he said.

Biobank has revoked access for the institutions linked to the listings. It has also taken its research platform offline while it upgrades security systems. The organisation plans to install an automated “airlock” system to check data before it leaves the platform.

$425 million Capital One settlement approved – Check eligibility and claim process

Rory Collins said the organisation acted fast once it found the issue. “We take the protection of participants’ data extremely seriously and do not tolerate any form of data misuse,” he said. “The actions of these individuals are a clear breach of the contract they signed,” he added.

He said the listings were removed before any sale took place. “We apologise for the concern this will cause,” Collins said. “We have already put in place technology, processes and a board-led review to stop this happening again,” he added.

The case has been referred to the Information Commissioner’s Office for further investigation. The regulator will examine whether any data protection rules were broken, reported The Guardian.

The breach comes weeks after reports that Biobank data had appeared online multiple times in the past. It also follows a decision by UK Health Secretary Wes Streeting earlier this year to allow coded GP records of all participants to be shared with the project.

This article was first uploaded on April twenty-three, twenty twenty-six, at twenty-two minutes past eleven in the night.