A hacker gains access to one billion records of Chinese citizens’ data and attempts to sell it on the dark web. A Chinese government developer might be responsible for the data leak by mistakenly including it in a tech blog posted on the China Software Developer Network (CSDN).
Chinese Gov. Developer Included Citizens’ Data in Tech Blog on CSDN
An anonymous internet user, identified as “ChinaDan“, posted on hacker forum Breach Forums last week offering to sell more than 23 terabytes (TB) of data for 10 bitcoin , equivalent to about $200,000. The user identified in the post about the sale that the Shanghai National Police Database was leaked and the data contained records of one billion Chinese citizens.
The hacker is unidentified and there have been no comments on the case by the Shanghai government or the police department addressing the issue.
The CEO of Binance, Changpeng Zhao, said in a tweet earlier this week that their threat and intelligence agency detected the records on the dark web for sale, which included names, addresses, national IDs, mobile phones, police and medical records from one Asian country. He attributed the issue to a bug in an ‘Elastic Search deployment’ by a government agency.
He later posted that the exploit could have happened because a government developer could have mistakenly included the data in a tech blog posted on CSDN.
Our threat intelligence detected 1 billion resident records for sell in the dark web, including name, address, national id, mobile, police and medical records from one asian country. Likely due to a bug in an Elastic Search deployment by a gov agency. This has impact on …
— CZ 🔶 Binance (@cz_binance) July 3, 2022
On the matter, Kendra Schaefer, head of tech policy research at Beijing-based consultancy Trivium China, said in a post on Twitter that it was “hard to parse truth from rumour mill”.
“if the material the hacker claimed to have came from the Ministry of Public Security, it would be bad for a number of reasons.” She said, “Most obviously, it would be among the biggest and worst breaches in history.“
On Twitter, Changpeng Zhao also stated that this event has an impact on hacker detection and prevention measures, mobile numbers used for account takeover, etc. He mentioned that Binance has adjusted security measures in this aspect in consideration of the users that may be affected. He also called out to other platforms operating within the region of the affected parties to improve their security protocols in this regard.
The hacking claim comes at a time when China has committed to strengthening the security of internet user privacy, ordering its tech titans to ensure safer storage in response to widespread complaints about improper handling and abuse.
TOP 10 CRYPTOCURRENCY
|#||Name||Price||Market Cap||Change||Price Graph (24h)|