Chinese media reports say Alibaba Cloud is facing a backlash from Chinese regulators after the Chinese retail giant reported the Log4J vulnerability to Apache before the Ministry of Industry and Information Technology (MIIT).

Chen Zhaojun, a security engineer at Alibaba Cloud, was identified by Bloomberg News as the first person to discover the Log4J vulnerability and report it to Apache. Zhaojun reported it to Apache on November 24, and a third person reported it to the MIIT on December 9.

In recent months, the Chinese government has introduced stricter rules to better manage cybersecurity and privacy, passed several laws, and strongly warned large companies about the need to protect data shared outside the mainland.

Alibaba has been fined a whopping 18.2 billion yuan, and 33 other mobile apps have been heavily criticized by the Chinese government for their data collection practices. Didi and Tencent are among the other prominent companies under intense scrutiny in China.