Hacker Cyber Attck Ilutration | Pic by Freepik |
Recently, a hacker group or person claimed to have stolen data containing information about 1 billion Chinese citizens from the Shanghai police database.
Quoting Bloomberg via Engadget, Tuesday (5/7/2022), this hacker is trying to sell 23 terabytes (TB) of this data for 10 bitcoins (around Rp. 3 billion).
The hacker with the account name 'ChinaDan' on this hacker forum said the stolen data contained the names, addresses, places of birth, ID cards, and phone numbers of Chinese citizens.
ChinaDan also shared a sample of 750,000 documents containing shipping information, identification, and police summons in his posts on the forum.
With this document, the seller hopes that interested buyers can easily verify the data being sold is genuine.
"In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains data and information up to TB about billions of Chinese citizens," wrote the theft perpetrator in his post.
The hacker said the data was stolen by accessing Aliyun's local private cloud (Alibaba Cloud), part of the Chinese police network.
Binance CEO Zhao Changpeng confirmed that his company's cybersecurity intelligence expert confirmed ChinaDan's claim.
He also said the leak was likely caused by the ElasticSearch database being accidentally exposed by a Chinese government agency online.
"This has an impact on hacker detection/prevention measures, mobile numbers used for account takeovers, etc."
Zhao added, "apparently, this exploit happened because a government developer wrote a technology blog on CSDN and accidentally entered credentials."
If ChinaDan's claims are proven to be accurate, it will be the biggest data leak in China and in history.