Hacker Claims to have Personal Information of 1 billion Chinese Citizens

According to a study by IBM, data breaches cost companies an average of $4.24 million in 2021. The most common initial attack vector was compromised credentials, responsible for 20% of breaches.
Sputnik
A hacker is selling a data trove of over 23 terabytes of data allegedly containing the personal information and records of over 1 billion Chinese citizens.
The pseudonymous hacker going by the name “ChinaDan” posted on the hacker-frequented Breach Forums, offering to sell the data he says came from the Shanghai police department for 10 bitcoins, currently worth $202,660.
The leak has not yet been confirmed as legitimate, and some of the phone numbers listed in the sample have since been disconnected, according to The Guardian. However, that does not mean the data is illegitimate, just that some of the information it contains may be out of date.
British Army's Twitter, YouTube Accounts Get Hacked... to Promote NFTs
ChinaDan’s post went viral on the Chinese social media site Weibo and chat application WeChat, causing the hashtag “Shanghai Data breach” to be banned on Weibo, though that has not stopped Chinese netizens from discussing the leak.
“Databases contain information on 1 billion Chinese national residents and several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details,” the hacker posted on Breach Forums.
This is the latest in a string of data breaches to hit China, including a leak in 2016 that resulted in the personal information of several high-profile Chinese citizens being leaked online, including Alibaba founder Jack Ma.
If the data is legitimate, this latest hack would be one of the largest in history.
Russia
Russian UN Envoy: Ukraine and US Breach Biological Weapons Convention, There's Data Proving It
On Sunday, Zhao Changpeng, CEO of the Chinese-based cryptocurrency exchange Binance posted on Twitter that the company’s threat intelligence spotted the sale of the personal information of 1 billion residents of an Asian country on the dark web. While he did not mention the Shanghai hack specifically, it seems likely that it was the hack he was referring to. Zhao says that the exchange is stepping up its user verification process for those affected by the hack.
On Monday, Zhao mentioned a theory on how the leak could have happened, pointing to a blog post by a government developer that may have included the database credentials.
China passed legislation last year mandating how companies handle personal information and data.
Discuss