Alleged Chinese police database hack leaks data of 1 billion

Jul 5, 2022, 4:51 AM | Updated: Jul 7, 2022, 3:38 pm
A police officer watch over a road junction with traffic lights, Tuesday, May 31, 2022, in Shanghai...

A police officer watch over a road junction with traffic lights, Tuesday, May 31, 2022, in Shanghai. Hackers claim to have obtained a trove of data on 1 billion Chinese from a Shanghai police database in a leak that, if confirmed, could be one of the largest data breaches in history. (AP Photo/Ng Han Guan)

(AP Photo/Ng Han Guan)

HONG KONG (AP) — Hackers claim to have obtained a trove of data on 1 billion Chinese from a Shanghai police database in a leak that, if confirmed, could be one of the largest data breaches in history.

In a post on the online hacking forum Breach Forums last week, someone using the handle “ChinaDan” offered to sell nearly 24 terabytes (24 TB) of data including what they claimed was information on 1 billion people and “several billion case records” for 10 Bitcoin, worth about $200,000.

The data purportedly includes information from the Shanghai National Police database including names, addresses, national identification numbers and mobile phone numbers as well as case details.

A sample of data seen by The Associated Press listed names, birthdates, ages and mobile numbers. One person was listed as having been born in “2020,” with their age listed as “1,” suggesting that information on minors was included in the data obtained in the breach.

The Associated Press could not immediately verify the authenticity of the data samples. Shanghai police did not immediately respond to a request for comment.

The data leak initially sparked discussion on Chinese social media platforms such as Weibo, but censors have since moved to block keyword searches for “Shanghai data leak.”

One person said they were skeptical until they managed to verify some of the personal data leaked online by attempting to search for people on Alipay using their personal information.

“Everyone, please be careful in case there are more phone scams in the future!” they said in a Weibo post.

Another person commented on Weibo that the leak means everyone is “running naked” — slang used to refer to a lack of privacy — and it’s “horrifying.”

Experts said the breach, if confirmed, would be the biggest in history.

Kendra Schaefer, a partner for technology at policy research firm Trivium China, said in a tweet that it’s “hard to parse truth from the rumor mill, but can confirm file exists.”

Such data leaks are fairly common, according to Michael Gazeley, managing director at Hong Kong-based security firm Network Box.

“There are approximately 12 billion compromised accounts posted on the Dark Web right now. That’s more than the total number of people in the world,” he said, adding that a majority of data leaks often come from the U.S.

Chester Wisniewski, principal research scientist at cybersecurity firm Sophos, said that the breach is “potentially incredibly embarrassing to the Chinese government,” and the political harm would probably outweigh damage to the people whose data was leaked.

Most of the data is similar to what advertising companies that run banner ads would have, he said.

“When you’re talking about a billion people’s information and it’s static information, it’s not about where they traveled, who they communicated with or what they were doing, then it becomes very much less interesting,” Wisniewski said.

Still, once hackers get data and put it online it’s impossible to fully remove.

“The information, once it’s unleashed, is forever out there,” Wisniewski said. “So if someone believes their information was part of this attack, they have to assume it’s forever available to anyone and they should be taking precautions to protect themselves.”

A major cryptocurrency exchange said it had stepped up verification procedures to guard against fraud attempts such as using personal information from the reported hack to take over people’s accounts.

Zhao Changpeng, CEO of Binance, a cryptocurrency exchange, said in a tweet Monday that its threat intelligence had detected the sale of “1 billion resident records.”

“This has impact on hacker detection/prevention measures, mobile numbers used for account take overs, etc.” Zhao wrote in his tweets, before saying that Binance had already stepped up verification measures.

In 2020, a major cyberattack believed to be by Russian hackers compromised several U.S. federal agencies such as the State Department, the Department of Homeland Security, telecommunications firms and defense contractors.

Last year, over 533 million Facebook users had their data published in a hacking forum after hackers scraped its data due to a vulnerability that has since been patched.

—-

AP journalist Emily Wang in Beijing and researcher Chen Si in Shanghai contributed to this report.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

FILE - Law enforcement personnel escort the Trump Organization's former Chief Financial Officer All...
Associated Press

Trump Org. CFO to plead guilty, testify against company

NEW YORK (AP) — Donald Trump’s chief financial officer is expected to plead guilty to tax violations Thursday in a deal that would require him to testify about illicit business practices at the former president’s company, two people familiar with the matter told The Associated Press. Allen Weisselberg is charged with taking more than $1.7 […]
17 hours ago
Associated Press

Suspect in New Mexico Muslim killings detained pending trial

ALBUQUERQUE, N.M. (AP) — An Afghan refugee charged in the shooting deaths of two Muslim men and suspected in the killing of two others was ordered held without bond pending trial as prosecutors argued Wednesday that he was a danger to his own family and the greater community. Prosecutors during a detention hearing pointed to […]
17 hours ago
FILE - Anne Heche arrives at the premiere of "The Tender Bar" at the TCL Chinese Theatre, on Dec. 1...
Associated Press

Anne Heche’s death ruled accidental after fiery car crash

LOS ANGELES (AP) — Actor Anne Heche died from inhalation injury and burns after her fiery car crash and the death was ruled an accident, according to coroner’s results released Wednesday. Heche, 53, also had a fractured sternum caused by “blunt trauma,” according to information on the website of the Los Angeles County Medical Examiner-Coroner. […]
17 hours ago
This undated image provided by Stellantis shows the Dodge Charger Daytona SRT Concept.  (Stellantis...
Associated Press

Gas-powered muscle cars drive into the sunset, turn electric

PONTIAC, Mich. (AP) — Thundering gas-powered muscle cars, for decades a fixture of American culture, will be closing in on their final Saturday-night cruises in the coming years as automakers begin replacing them with super-fast cars that run on batteries. Stellantis’ Dodge brand, long the performance flag-bearer of the company formerly known as Fiat Chrysler, […]
17 hours ago
FILE - State Sen. Jason Rapert, R-Conway, presides over a Senate committee at the state Capitol on ...
Associated Press

Settlement requires Arkansas senator to unblock critics

LITTLE ROCK, Ark. (AP) — An Arkansas state senator will be required to unblock critics from his social media accounts under a settlement a national atheists’ group said it reached with the state on Wednesday. American Atheists announced the settlement in its federal lawsuit against Arkansas over Republican Sen. Jason Rapert’s social media. According to […]
17 hours ago
Associated Press

Missouri man charged with threatening election official

PHOENIX (AP) — A Missouri man has been indicted for leaving a threatening message on the personal cellphone of the top election official in Arizona’s most populous county, federal officials said. The case is the second filed in the past month against people accused of threatening top election officials in the battleground state. In late […]
17 hours ago

Sponsored Articles

...
Sanderson Ford

Don’t let rising fuel prices stop you from traveling Arizona this summer

There's no better time to get out on the open road and see what the beautiful state of Arizona has to offer. But if the cost of gas is putting a cloud over your summer vacation plans, let Sanderson Ford help with their wide-range selection of electric vehicles.
...
Mayo Clinic Orthopedics and Sports Medicine

Why your student-athlete’s physical should be conducted by a sports medicine specialist

Dr. Anastasi from Mayo Clinic Orthopedics and Sports Medicine in Tempe answers some of the most common questions.
...
CANVAS ANNUITY

Best retirement savings rates hit 4.30%

Maximize your retirement savings with guaranteed fixed rates up to 4.30%. Did you know there is a financial product that can give you great interest rates as you build your retirement savings and provide you with a paycheck for life once you retire? It might sound too good to be true but it is not; this product is called an annuity.
Alleged Chinese police database hack leaks data of 1 billion