SHANGHAI: A hacker has claimed to have obtained a trove of personal information on one billion Chinese citizens from the Shanghai police. Tech experts say that, if true, this would be one of the largest data breaches in history.
Last week, an anonymous internet user who goes by the name “ChinaDan” posted on the hacker forum Breach Forums offering to sell more than 23 terabytes (TB) of data for the equivalent of 10 bitcoin, which is around $200,000 at the current exchange rate.
The database of the Shanghai National Police (SHGA) was compromised in the year 2022. According to the post, “This database has many terabytes of data and information on billions of Chinese people.”
“Databases hold information on 1 billion Chinese national citizens and several billion case records, including name, residence, birthplace, national ID number, cellphone number, as well as all criminal and case details.”
On Monday, neither the Shanghai government nor the police department responded to requests for comment.
Throughout the weekend, the message was the subject of extensive conversation on the social media platforms Weibo and WeChat in China, with many users expressing their concern that it might be true.
By the afternoon of Sunday, the hashtag “data leak” had been removed from use on Weibo.
In a post that she made on Twitter, Kendra Schaefer, who is the head of ICT policy research at the Beijing-based consultancy Trivium China, claimed that it was “impossible to parse fact from the rumor mill.”
Schaefer stated that, if the material the hacker claimed to have did originate from the Ministry of Public Security, it would be harmful for “a lot of reasons.”
She stated that it would most obviously be among the largest and worst breaches in the history of the world.
Binance’s CEO, Zhao Changpeng, announced on Monday that the cryptocurrency exchange had increased the number of steps required to verify a user’s identity. This announcement came after the exchange’s threat intelligence uncovered the sale of records containing the personal information of one billion residents of an Asian country on the dark web.
On Twitter, he suggested that a leak might have occurred as a result of “a problem in an Elastic Search deployment by a (government) agency,” although he did not specify whether or not he was referring to the Shanghai police investigation.
Later in the day, he sent another message on Twitter in which he stated, “apparently, this vulnerability occurred because the gov developer created a tech blog on CSDN and unintentionally included the credentials.” He was referring to the China Software Developer Network (CSDN) when he made this statement.
Elastic, a firm that develops software, has stated that it is inaccurate to point to it as the source of the hack. On Wednesday, the Shanghai authorities did not reply promptly to a request for comment.
China has promised to tighten the security of online user data privacy, urging its tech titans to ensure safer storage after public complaints about mishandling and exploitation of data. The claim of a hack comes at the same time that China has made these promises.
A new set of regulations governing the proper management of personal information and data generated within China’s borders was enacted last year.
Chinese hackers allegedly targeted several Russian military research and development institutes on March 23, sending malware links to scientists and engineers working on the country’s security systems.
According to a report by Israeli-American cybersecurity firm Check Point, state-sponsored hackers in China sent emails, presented as coming from Russia’s Ministry of Health, that contained a list of “persons under U.S. sanctions for invading Ukraine” to lure their Russian targets into downloading and opening a document containing malware.
China appears to view Russia as an appropriate target for information theft regarding critical military-technical assets despite the nations’ growing relationship, according to Check Point’s study.
Russian-Chinese relations appear to be more complicated than previously thought because of China’s efforts to spy on Russia, according to a new investigation.
Itay Cohen, the chief of cyber research at Check Point, was reported as saying, “This is a clever attack.” Additionally, he stated that it displayed capabilities that are “typically reserved for state-backed intelligence services.” He claimed that the hackers utilized techniques and code that were similar to those used by hacking groups linked to the Chinese government in earlier attacks.
According to Check Point’s findings, the Chinese effort specifically targeted Russian research institutes involved in airborne satellite communications, radar, and electronic warfare.
Xi Jinping, China’s autocratic leader, has perfected Beijing’s approach to cyberspying, becoming a considerably more skilled operator over the past decade, according to the New York Times.
According to Check Point’s assessment, the campaign “could serve as more evidence of the employment of espionage” in China’s “systematic and long-term endeavor to attain Chinese strategic objectives in technological superiority and military power.”
According to security specialists and an announcement from Ukraine’s cybersecurity agency, Chinese hackers began targeting Ukrainian firms towards the end of March.
The New York Times reported, citing SentinelOne security analysts, that a hacker group known as Scarab sent Ukrainian groups a document that contained instructions on how to record proof of Russian war crimes but also carried malware that may harvest information from affected computer systems.
Also in March, a Chinese hacking group known as Mustang Panda circulated fake EU reports about border circumstances between Ukraine and Belarus to European targets while claiming to be from the European Union.
According to Cisco Talos analysts, “one thing remains similar throughout all of these activities — Mustang Panda is looking to execute espionage campaigns.”
The New York Times reported that the Rostec institutes targeted in the cyberattacks are principally focused on the development of airborne radar and devices that can, among other things, destroy adversary radar and identification systems.
Russian President Vladimir Putin established Rostec Corporation in 2007, and it has since become one of Russia’s major military businesses, managing hundreds of research and manufacturing facilities for high-end defense technology and aircraft engines.