Anonymous hacker demands 10 bitcoin to sell stolen records of 1 billion Chinese citizens, one of the biggest data breaches in history
By some estimates, one cyber attack takes place every 39 seconds. That equates to about more than 2,200 cyberattacks per day. Just this morning, we told you about how hackers breached the social media accounts of the British Army to promote cryptocurrency scams.
Now, there’s a new report that just came out from Reuters that an anonymous internet user, identified as “ChinaDan,” claimed to have stolen 1 billion records of Chinese citizens from police. If true, cyber experts say it would be one of the biggest data breaches in history.
It all started last week after ChinaDan posted on the hacker forum Breach Forums and offered to sell more than 23 terabytes (TB) of data for 10 bitcoin, equivalent to about $200,000, Reuters reported.
In a post, ChinaDan wrote: “In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizen.”
He went on to say that the “Databases contain information on 1 Billion Chinese national residents and several billion case records, including name, address, birthplace, national ID number, mobile number, all crime/case details.”
The authenticity of the post, which was widely discussed on China’s Weibo and WeChat social media platforms over the weekend, has not been verified. However, many Chinese users were worried the post could be real. As of Monday, the Shanghai authorities and police department have not responded to requests for comment.
Weibo decided to block the hashtag “data leak” on Sunday afternoon. Kendra Schaefer, head of tech policy research at Beijing-based consultancy Trivium China, said in a post on Twitter it was “hard to parse truth from the rumor mill.”
It's unclear who's at fault — some of the internet comments state one of the developers posted an access key on his blog, which was then exploited by the hackers. In any case, heads will roll over this one. 7/7
— Kendra Schaefer 凯娜 (@kendraschaefer) July 4, 2022
She also added that “It’s hard to parse truth from rumor mill, but can confirm file exists. If the source is indeed MPS, that would be, erm… bad, for a number of reasons. Most obviously, it would be among biggest and worst breaches in history. Alleged screenshots: 2/7.”
It's hard to parse truth from rumor mill, but can confirm file exists. If the source is indeed MPS, that would be, erm… bad, for a number of reasons. Most obviously, it would be among biggest and worst breaches in history. Alleged screenshots: 2/7 https://t.co/MpLQSiYzGS
— Kendra Schaefer 凯娜 (@kendraschaefer) July 4, 2022
If the material the hacker claimed to have came from the Ministry of Public Security, it would be bad for “a number of reasons”, Schaefer said. “Most obviously it would be among the biggest and worst breaches in history,” she said.