⏳ Final hours! Save up to 60% OFF InvestingProCLAIM SALE

Hacker claims to have stolen 1 billion records of Chinese citizens from police

Published 07/06/2022, 12:14 AM
Updated 07/06/2022, 12:15 AM
© Reuters. A police officer in a protective suit checks on a commuter at a subway station, after the lockdown placed to curb the coronavirus disease (COVID-19) outbreak was lifted in Shanghai, China June 2, 2022. REUTERS/Aly Song/File Photo
TWTR
-
WB
-
ESTC
-

SHANGHAI (Reuters) -A hacker has claimed to have procured a trove of personal information from the Shanghai police on one billion Chinese citizens, which tech experts say, if true, would be one of the biggest data breaches in history.

The anonymous internet user, identified as "ChinaDan", posted on hacker forum Breach Forums last week offering to sell the more than 23 terabytes (TB) of data for 10 bitcoin, equivalent to about $200,000.

"In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizen," the post said.

"Databases contain information on 1 Billion Chinese national residents and several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details."

Reuters was unable to verify the authenticity of the post.

The Shanghai government and police department did not respond to requests for comment on Monday.

Reuters was also unable to reach the self-proclaimed hacker, ChinaDan, but the post was widely discussed on China's Weibo (NASDAQ:WB) and WeChat social media platforms over the weekend with many users worried it could be real.

The hashtag "data leak" was blocked on Weibo by Sunday afternoon.

Kendra Schaefer, head of tech policy research at Beijing-based consultancy Trivium China, said in a post on Twitter (NYSE:TWTR) it was "hard to parse truth from rumour mill".

If the material the hacker claimed to have came from the Ministry of Public Security, it would be bad for "a number of reasons", Schaefer said.

"Most obviously it would be among biggest and worst breaches in history," she said.

Zhao Changpeng, CEO of Binance, said on Monday the cryptocurrency exchange had stepped up user verification processes after the exchange's threat intelligence detected the sale of records belonging to 1 billion residents of an Asian country on the dark web.

He said on Twitter that a leak could have happened due to "a bug in an Elastic (NYSE:ESTC) Search deployment by a (government) agency", without saying if he was referring to the Shanghai police case.

He posted again on Twitter later in the day, saying: "apparently, this exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials", referring to the China Software Developer Network.

Software company Elastic said it was incorrect to cite it as the source of the breach. The Shanghai government did not immediately respond to a request for comment on Wednesday.

© Reuters. A police officer in a protective suit checks on a commuter at a subway station, after the lockdown placed to curb the coronavirus disease (COVID-19) outbreak was lifted in Shanghai, China June 2, 2022. REUTERS/Aly Song/File Photo

The claim of a hack comes as China has vowed to improve protection of online user data privacy, instructing its tech giants to ensure safer storage after public complaints about mismanagement and misuse.

Last year, China passed new laws governing how personal information and data generated within its borders should be handled.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.