Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 26 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Hacker Claims to Have Stolen Information on 1 Billion Chinese Citizens

If proven accurate, the attack would be the largest in history.

by Guru Writer
July 5, 2022
in Cyber Bites
Hacker Claims to Have Stolen Information on 1 Billion Chinese Citizens
Share on FacebookShare on Twitter

An anonymous threat actor is selling several databases which they claim contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens for 10 bitcoins (approx. $195,000).

The announcement was posted on a hacker forum by a user with the handle ‘China Dan,’ saying that the information was leaked from the Shanghai National police (SHGA) database.

The information they shared about the allegedly stolen data suggests that these databases contain Chinese national residents’ names, addresses, national ID numbers, several billion criminal records, and contact information numbers.

ChinaDan shared a sample with 750,000 records containing delivery information, police call records, and ID information. These records would allow interested buyers to verify that the data for sale is not fake.

The threat actor stated in a post that: “In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizens.”

“Databases contain information on 1 Billion Chinese national residents and several billion case records, including: Name, Address, Birthplace, National ID Number, Mobile number, All Crime / Case details.”

The threat actor confirmed that data was exfiltrated from a local private cloud provided by Aliyun (Alibaba Cloud), part of the Chinese police network (public security network).

On Sunday, Binance CEO Zhao Changpeng confirmed that his company’s threat intelligence experts spotted ChinaDan’s claims and said that the leak likely originated from an ElasticSearch database that a Chinese government agency accidently exposed online.

Zhao added, “our threat intelligence detected 1 billion resident records for sell in the dark web, including name, address, national id, mobile, police and medical records from one asian country. Likely due to a bug in an Elastic Search deployment by a gov agency.”

“This has impact on hacker detection/prevention measures, mobile numbers used for account takeovers, etc.”

Zhao added that “apparently, this exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials.”

If Chinadan’s claims are accurate, this attack would be the most significant data breach ever impacting China and one of the largest in history.

 

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Dutch University Turns a Profit on Ransomware Payment

Next Post

Ukrainian Authorities Arrest Phishing Gang For Embezzling 100 Million UAH

Recent News

Synopsys discover new vulnerability in Pluck Content Management System

Synopsys discover new vulnerability in Pluck Content Management System

March 24, 2023
Dole Food Company

Dole confirms employee data was breached following February ransomware attack

March 24, 2023
call centre

MyCena Improves Customer Data Access Protection in Call Centers and BPOs

March 23, 2023
Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information