
HONG KONG (AFP) – Hackers claim to have obtained a trove of data on one billion Chinese from a Shanghai police database in a leak that, if confirmed, could be one of the biggest data breaches in history.
In a post on the online hacking forum Breach Forums last week, someone using the handle “ChinaDan” offered to sell nearly 24 terabytes of data, including what they claimed was information on 1 billion people and “several billions of case records,” for 10 bitcoins, worth about 200 thousand dollars.
The data allegedly includes information from the Shanghai National Police database including names, addresses, national identification numbers and mobile phone numbers as well as case details.
A sample of data seen by the Associated Press included the list, dates of birth, ages, and cell phone numbers. One person is listed as being born in “2020”, with their age listed as “1”, indicating that information about minors was included in the data obtained in the breach.
The Associated Press was unable to immediately verify the authenticity of the data samples. Shanghai police did not immediately respond to a request for comment.
The data leak initially sparked discussion on Chinese social media platforms such as Weibo, but censors have since moved to block keyword searches for “Shanghai data leak”.
One person said they were skeptical until they were able to verify some of the personal data leaked online by trying to search for people on Alipay using their personal information.
“Everyone, please be careful if more phone scams happen in the future!” they said in a Weibo post.
Another person commented on Weibo that the leak means everyone is “running naked” – slang used to refer to a lack of privacy – which is “terrifying”.
Experts said the breach, if confirmed, would be the largest in history.
Kendra Schaefer, technology partner at policy research firm Trivium China, said in a tweet that “it’s hard to parse the truth from the rumor mill, but the existence of the file can be confirmed.”
Such data leaks are fairly common, according to Michael Gazeley, managing director of Hong Kong-based security firm Network Box.
“There are approximately 12 billion hacked accounts published on the Dark Web at the moment. That is more than the total number of people in the world,” he said, adding that the majority of data leaks often come from the United States.
Chester Wisniewski, principal research scientist at cybersecurity firm Sophos, said the breach was “unbelievably embarrassing for the Chinese government,” and the political damage may outweigh the damage to the people whose data was leaked.
Most of the data, he said, is similar to what advertising companies that display banner ads would have.
“When you’re talking about a billion people’s information and it’s fixed information, it’s not about where they’ve traveled to, who they’ve been in contact with or what they’ve been doing, then it gets less interesting,” Wisniewski said.
However, once hackers get hold of the data and put it online, it becomes impossible to remove it completely.
“The information, once released, is there forever,” Wisniewski said. “So if someone thinks their information was part of this attack, they have to assume it is forever available to anyone and they should take precautions to protect themselves.”
One major cryptocurrency exchange said it has ramped up verification measures to guard against fraud attempts, such as using personal information from the reported hack to take over people’s accounts.
Zhao Changpeng, CEO of cryptocurrency exchange Binance, said in a tweet Monday that its threat intelligence had revealed the sale of “one billion resident records.”
“This has an impact on the procedures for detecting/blocking hackers, the mobile phone numbers used for the account, etc.” Zhao wrote in his tweets, before saying that Binance had already stepped up verification procedures.
In 2020, a major cyberattack believed to be by Russian hackers compromised several US federal agencies, such as the State Department and the Department of Homeland Security, as well as telecommunications companies and defense contractors.
Last year, the data of more than 533 million Facebook users was posted to a hacking forum after hackers scraped the data due to a vulnerability that has since been patched.
——
Associated Press journalist Emily Wang in Beijing and researcher Chen Si in Shanghai contributed to this report.