Chinese hackers, perhaps bored with breaking into targets overseas like the US Chamber of Commerce, have turned their attention to popular domestic websites. Now millions of Chinese Web users are scrambling to change their passwords and account information after a massive data leak.

Hackers released over 100 million usernames and passwords from Dec 21 to 26, according to multiple reports. Targets include the country’s post popular Web forum, Tianya, and social networking sites such as the Facebook-like Renren and Kaixin.

The hackers also hit popular gaming and shopping sites, as well as software development network CSDN. Some companies appear to have stored passwords without encryption.

Legal experts told Caixin magazine—a Chinese publication similar to BusinessWeek—that the hacks “exposed serious shortcomings in Chinese laws and regulations,” which offer no clear guidelines for protecting user information. The Chinese agency responsible for Internet regulation has denounced the attacks and is assembling a team to investigate them.

Meanwhile he country’s largest microblogging platform, Sina Weibo, has apparently avoided the data leak unscathed (despite persistent rumors to the contrary). That didn’t stop Weibo users from bemoaning the lack of security at some of the country’s most popular websites.

"Have you changed your password?" even became a trending topic on the site, according to the China Times.

“There are no secrets inside the great firewall … it takes nothing to leak your account information,” wrote Weibo user Qin Hai Qing Huai

“I’ve always said domestic services are unprofessional and unreliable,” added user She Huayu.

Sadly, She’s statement rings true across the world, not just at Chinese Internet services. Just ask Sony.

Photo by Cory Doctorow