Hackers Claim Theft of Police Info in China’s Largest Data Leak

Discussion in 'Networking and Security' started by themickey, Jul 4, 2022.

  1. themickey

    themickey

    Technology
    Cybersecurity
    Hackers Claim Theft of Police Info in China’s Largest Data Leak
    • Unknown cyberattackers claim to have info on a billion Chinese
    • The claim triggered speculation online and in security circles
    By Sarah Zheng 4 July 2022
    https://www.bloomberg.com/news/arti...n-china-s-largest-data-leak?srnd=premium-asia

    Unknown hackers claimed to have stolen data on as many as a billion Chinese residents after breaching a Shanghai police database, in what industry experts are calling the largest cybersecurity breach in the country’s history.

    The person or group claiming the attack has offered to sell more than 23 terabytes of stolen data from the database, including names, addresses, birthplaces, national IDs, phone numbers and criminal case information, according to an anonymous post on an online cybercrime forum last week. The unidentified hacker was asking for 10 bitcoin, worth around $200,000.

    The scale of the alleged leak has sent shockwaves through the Chinese security community, triggering speculation about the credibility of the claim and how it could have taken place. Zhao Changpeng, founder and Chief Executive Officer of cryptocurrency exchange Binance, tweeted on Monday the company had detected the breach of a billion resident records “from one Asian country,” without specifying which, and had since increased verification procedures for potentially affected users.

    Shanghai authorities have not publicly responded to the purported hack. Representatives for the city’s police and Cyberspace Administration of China, the country’s internet overseer, did not immediately respond to faxed requests for comment.

    The US and other nations have repeatedly identified China as one of the world’s biggest sources of cybercriminals, which they say infiltrate systems on behalf of domestic agencies in search of valuable data or intellectual property.

    Domestic breaches are however rarely disclosed because of a lack of transparent reporting mechanisms. In 2016, personal information on dozens of Communist Party officials and industry figures from Jack Ma to Wang Jianlin was said to have been exposed on Twitter, in one of the country’s biggest online leaks of sensitive information at the time. In 2020, the Twitter-like service Weibo Corp. said hackers claimed to have stolen account information for more than 538 million of its users, though sensitive data such as passwords was not leaked. And this year, tens of thousands of seemingly hacked files from China’s remote Xinjiang region provided fresh evidence of the abuse of mostly Muslim ethnic Uyghurs, according to a rights group.

    The latest alleged incident again underscored the challenges facing Beijing as it collects data on hundreds of millions of people while tightening policing of sensitive online content. Under Chinese law, the exposure of personal information can result in jail terms.

    It’s unclear how the alleged cyberattackers in this month’s breach gained access to Shanghai police servers. One popular theory circulated online among cybersecurity experts was that the breach involved a third-party cloud infrastructure partner. Alibaba Group Holding Ltd., Tencent Holdings Ltd. and Huawei Technologies Co. are among the country’s biggest external cloud services.

    — With assistance by Coco Liu, and Dong Cao
     
    guru and Snuskpelle like this.
  2. Worth more than 200k
     
  3. Tokenz

    Tokenz

    Wow, imagine that, something besides crypto exchanges can get hacked as well. And a government website at that.

    But go on, keep putting trust in your government
     
    NoahA, themickey and Trader Curt like this.
  4. RedDuke

    RedDuke

    I trust Fed a lot more than 4 jokers at BitFinex that’s for sure
     
  5. Tokenz

    Tokenz

    You go then libitarian!
     
  6. NoahA

    NoahA

    The Fed just steals your money too, albeit more slowly.
     
  7. TheDawn

    TheDawn

    After stealing the data of a billion people and all they wanted was payment in bitcoins that's crashing right now? LOL Yeah ok, we believe you.