Alleged database hack by Chinese police reveals data of 1 billion

HONG KONG – Hackers claim to have obtained a treasure trove of data on 1 billion Chinese from a Shanghai police database in a leak that, if confirmed, could be one of the biggest data breaches in history.

In a post on online hacking forum Breach Forums last week, someone using the name “ChinaDan” offered to sell nearly 24 terabytes (24 TB) of data, allegedly including information on 1 billion people and “several billion case records “. 10 Bitcoin worth about $200,000.

The data allegedly includes information from the Shanghai National Police database, including names, addresses, national identification numbers and cell phone numbers, and case details.

A sample of data viewed by The Associated Press listed names, dates of birth, ages and cell phone numbers. One individual was listed as born “2020” with their age as “1”, suggesting that information about minors was included in the data obtained at the breach.

advertisement

The Associated Press could not immediately verify the authenticity of the data samples. Shanghai police did not immediately respond to a request for comment.

The data leak initially sparked discussions on Chinese social media platforms like Weibo, but censors have since moved to block keyword searches for “Shanghai data leak.”

One person said they were skeptical until they managed to verify some of the personal information leaked online by trying to search for people on Alipay using their personal information.

“Everyone please be careful in case there is more phone scams in the future!” they said in a Weibo post.

Another person commented on Weibo that the leak means everyone is “walking around naked” — slang that refers to a lack of privacy — and that it’s “awful.”

Experts said the breach, if confirmed, would be the largest in history.

Kendra Schaefer, a technology partner at political research firm Trivium China, said in a tweet that it’s “difficult to analyze the truth from the rumor mill but can confirm the file exists.”

advertisement

According to Michael Gazeley, CEO of Hong Kong-based security firm Network Box, such data leaks are fairly common.

“There are currently approximately 12 billion compromised accounts on the dark web. That’s more than the total number of people in the world,” he said, adding that a majority of data leaks often come from the US

Chester Wisniewski, senior research scientist at cybersecurity firm Sophos, said the breach was “potentially incredibly embarrassing for the Chinese government” and the political harm likely outweighed the harm to the people whose data was leaked.

Most of the data is similar to what advertising companies running banner ads would have, he said.

“When you talk about the information of a billion people and it’s static information, it’s not about where they traveled, who they communicated with or what they did, then it becomes a lot less interesting,” he said Wisniewski.

advertisement

However, once hackers get data and put it online, it is impossible to remove it completely.

“Once information is released, it’s out there forever,” Wisniewski said. “So if anyone believes their information was part of this attack, they must assume that it is available to everyone forever, and they should take precautions to protect themselves.”

A major cryptocurrency exchange said it has strengthened verification procedures to guard against scam attempts, such as B. Using personal information from the reported hack to take over people’s accounts.

Zhao Changpeng, CEO of Binance, a cryptocurrency exchange, said in a tweet Monday that his threat intelligence spotted the sale of “1 billion population records.”

“This has implications for hacker detection/prevention measures, mobile phone numbers used for account takeovers, etc.” Zhao wrote in his tweets before saying that Binance had already stepped up verification measures.

advertisement

In 2020, several U.S. federal agencies such as the State Department, Department of Homeland Security, telecom companies, and defense contractors were compromised by a major cyberattack believed to have originated from Russian hackers.

Last year, over 533 million Facebook users had their data published on a hacking forum after hackers deleted their data due to a vulnerability that has since been patched.

——

AP journalist Emily Wang in Beijing and researcher Chen Si in Shanghai contributed to this report.

Copyright 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, transcribed or redistributed without permission.

https://www.local10.com/tech/2022/07/05/alleged-chinese-police-database-hack-leaks-data-of-1-billion/ Alleged database hack by Chinese police reveals data of 1 billion

Sarah Y. Kim

InternetCloning is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@internetcloning.com. The content will be deleted within 24 hours.

Related Articles

Back to top button