Unknown hackers have claimed to have stolen data on as many as a billion mainland Chinese residents and are attempting to sell the data on a hacking forum.
The data is alleged to have been stolen from the Shanghai National Police database and is said to total 22 terabytes. The data includes names, addresses, national ID numbers, contact information and criminal records.
Bleeping Computer reported today that the hacker or hackers, going by the name of “ChinaDan,” shared a sample of 750,000 records containing delivery information, ID information and police records. Hackers typically release a sample of stolen data to prove that what they are offering for sale is legitimate.
ChinaDan claimed that the data was stolen from a local private cloud provided by Alibaba Cloud, which is part of China’s public security network. The hacker or hackers are asking for a payment of 10 bitcoin, currently worth just over $20,000, to purchase the stolen data.
The listing for the stolen data appears on the BreachForums hacking forum, a site reported by some to be the successor to the now-closed RaidForums, even down to its look and users. RaidForums was taken offline as part of an international effort in April.
Giving some credence to the allegedly stolen data being legitimate, Zhao Changpeng, founder and chief executive officer of Binance, tweeted that the company had detected a breach of a billion records “from one Asian country.” In response, Binance has increased verification procedures for potentially affected users.
Our threat intelligence detected 1 billion resident records for sale in the dark web, including name, address, national ID, mobile, police and medical records from one Asian country. Likely due to a bug in an Elastic Search deployment by a gov agency. This has impact on …
— CZ 🔶 Binance (@cz_binance) July 3, 2022
In a later tweet, Zhao claimed that the exploit occurred because a government developer wrote a blog post on the CSDN developer network and accidentally included the credentials.
Apparently, this exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials.
1 billion records of private citizens’ data. 😭