Hacker Steals Personal Details Of 1 Bln Chinese Citizens, Puts It On Sale

Posted on

A hacking group in China has claimed to have access to the personal data of around 1 billion Chinese citizens from the Shanghai National Police database, the Wall Street Journal reported on Monday. If the news is confirmed, then this incident would be one of the largest personal data breaches in history.

A post advertising the availability of the data was published by the hacker on a popular online cybercrime forum. The post, which began circulating on social media over the weekend, put the price for the leak at 10 Bitcoin, or roughly $200,000.

Cybersecurity experts say the claimed hack is alarming not just for its alleged size, which would rank among the biggest ever recorded and the largest known for China but also because of the sensitivity of the information contained in the government database.

A sample of the data posted online, who claimed it included 750,000 records, contained individuals’ personal names, national ID numbers, phone numbers, birthdays and birthplaces, as well as detailed summaries of crimes and incidents reported to the police. The cases ranged from incidents of petty theft and cyber fraud to reports of domestic violence, dating as far back as 1995 to as recently as 2019.

The hackers said that they had 24 terabytes of data, consisting of billions of personal records including names, birth dates, addresses, mobile phone numbers and national identification numbers.

Though it is yet to be known who was behind the leak or how they obtained the data, a user identified only as “ChinaDan” offered the data for sale on the hacking forum Breach Forums last week.

As per reports, cybersecurity experts remain cautious, however, about believing all of the hackers’ claims. Troy Hunt, a web-security consultant based in Australia, said the sheer size of the database, which would include the majority of China’s population of 1.4 billion people, drew some suspicion, as did the anonymity of the user who posted the information.

While most hackers are driven by financial motives, the solicitation for a large sum of money also raises the possibility that the claim has been exaggerated or falsified, Hunt said.

Source: Read Full Article