A hacker claims to have stolen a billion records of personal information of Chinese citizens from the Shanghai Police Station – in what cybersecurity experts are calling the largest data breach in Chinese history.
Last week, a user named “ChinaDan” posted on Breach Forums and offered to sell more than 23 terabytes (TB) of data for 10 bitcoin (about $200,000).
“In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains a lot of TB of data and information about billions of Chinese citizens,” the message said:
“Databases contain information about 1 billion Chinese national residents and several billion records, including: name, address, place of birth, national ID number, mobile number, all details of crime/cases.”
Massive Civilian Data Breach If Confirmed: A hacker sells an alleged data breach from the Shanghai police force containing the names, home addresses, ID #, phone #, criminal records, etc. of 1 billion Chinese citizens. Hacker says it comes from Aliyun (Alibaba) private cloud server. pic.twitter.com/IRPG35SWYI
— Zeyi Yang (@ZeyiYang) July 3, 2022
ChinaDan has released several sample data sets as evidence: one with delivery addresses and instructions for drivers; another with police data; and a third containing personal information such as the person’s name, home address, national ID number, height and gender.
Media outlets have confirmed that the sample describes real people.
I was really stunned when the first person picked up – I really believed the whole thing was fake. By the third, I was shaking – both with the nerves of trying to explain why I had their extremely personal information and the weight of realizing what this leak could mean to so many.
— Karen Hao 郝珂灵 (@_KarenHao) July 4, 2022
While the extent of the leak described in the post has not yet been confirmed, it has generated a lot of curiosity and media attention both in China and abroad. Chinese social media platforms Weibo and WeChat lit up this weekend as people worried about the implications.
The discussion became so widespread that, according to Reuters’ sources, Weibo blocked #dataleak from trending on Sunday.
On Monday, Binance founder and CEO Zhao Changpeng tweeted that they had discovered the breach of a billion population records “from one Asian country”, although it is not clear how Binance – the world’s largest cryptocurrency exchange – detected the breach.
Binance has strengthened its user verification procedures since it became aware of the issue, Changpeng added.
Our threat intelligence has detected 1 billion resident records for sale on the dark web, including name, address, ID, mobile, police and medical records from one Asian country. Probably due to a bug in an Elastic Search implementation by a government agency. This affects…
— CZ 🔶 Binance (@cz_binance) July 3, 2022
If the breach is confirmed to be genuine, it would be “bad, for a number of reasons,” said Kendra Schaefer, a partner at the consulting firm Trivium China.
“Obviously this would be one of the biggest and worst breaches in history.”
It is unclear how the suspected attackers gained access to Shanghai’s police systems.
Security experts have put forward a number of theories; for example, blaming a third-party cloud infrastructure partner, such as Tencent, Huawei or Alibaba.
One of the reasons the breach would contain so much information is that the Shanghai Police Force would have had access to a national data-sharing system, which would allow access to more information than a regional police authority would otherwise have.
In recent years, China has been accused of using state-backed hackers for espionage. Now reports are appearing that the hackers’ data may also have been compromised.
Due to a lack of transparency in reporting, domestic data breaches in China rarely come to light.
Weibo, which provides a service similar to Twitter, said in 2020 that hackers claimed to have stolen account information for more than 538 million users; however, sensitive data was not made public during the breach.
The Victims of Communism Memorial Foundation, a Washington rights organization, claimed this year that tens of thousands of allegedly hacked files from China’s remote Xinjiang province provided further evidence of the mistreatment of the Uyghur people in the country.