Unknown hackers claim to have hacked the Shanghai police database and stolen data on one billion Chinese residents. Industry experts consider the leak to be the largest cybersecurity breach in the country’s history. This is reported by Bloomberg.
According to the attackers, more than 23 terabytes of data were in their hands – including people’s names, addresses, places of birth, social security numbers, phone numbers, and criminal records. Hackers plan to sell all this for 10 bitcoins worth about $200,000.
The extent of the leak has alarmed security officials in China, prompting speculation about the veracity of the claim and how the leak could have happened in the first place. Zhao Changpeng, founder and CEO of Binance cryptocurrency exchange, reported on Monday that the company discovered a data leak of a billion people “from a country in Asia.” Currently, the platform has strengthened the verification of users whose data could have reached the attackers.
Our threat intelligence detected 1 billion resident records for sell in the dark web, including name, address, national id, mobile, police and medical records from one asian country. Likely due to a bug in an Elastic Search deployment by a gov agency. This has impact on …
— CZ 🔶 Binance (@cz_binance) July 3, 2022
It is not clear how the hackers were able to access the Shanghai police servers this time. One popular theory among cybersecurity experts is that China’s third-party cloud infrastructure partner was involved in the hack. These include, for example, Alibaba Group Holding Ltd., Tencent Holdings Ltd., and Huawei Technologies Co.
Shanghai authorities did not publicly react to the event. Representatives of the city’s police and the Cyberspace Administration of China also declined to comment.
The United States and other countries have repeatedly pointed to China as one of the largest centers of cybercrime. However, such events rarely became known due to the lack of transparent reporting.