Personal data from 1 billion Chinese citizens stolen

An unknown hacker group has claimed to have stolen the personal information of 1 billion Chinese citizens from a Shanghai police database. To put this in context, China has a population of 1.4 billion according to Worldometer.

The news comes from an anonymous post on an online cybercrime forum with a demand of 10 Bitcoin, and cybersecurity experts are calling this incident "the largest cybersecurity breach in the country's history". The 23 TB of hacked data includes national identity documents, names, addresses, places of birth and telephone numbers, and even judicial information. 

Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software Technologies said: "Check Point discovered that the large database claimed as stolen from the Shanghai Police’s database was actually seen in an online cybercrime forum, which specialises in the trade of stolen databases. Within this forum, it was found that there are a variety of other China-related databases offered for sale as well, such as a China courier database with 66 M records that were allegedly stolen from ShunFeng Express in 2020, as well as other databases from Chinese driving schools.

"Cybercriminals are frequently looking for opportunities to steal databases from different organisations, in some cases using sophisticated malware families. In other cases, these hackers are scanning IP ranges of different organisations to identify unprotected assets and databases, from which to steal.

"In this particular case, as such a large database of personal information was leaked, there is a high chance that cybercriminals may use this data for phishing and spear-phishing attacks. As this database also includes mobile numbers, we recommend organisations in China to be prepared for a possible wave of smishing attacks."

In smishing, phishing messages appear to be from reputable companies.

A recent study by NordVPN analysed one of the markets on the dark web, and found that it has seen sales of more than US$17.3 million dollars to date. The items sold include payment card data, passport and ID scans, email batches with passwords, and even full identity sets - everything that criminals need to perform identity theft.

“This data breach in China is an opportunity to remind yourself of the things that can be done when a leak like this one happens. Of course, we urge people to share as little sensitive information as possible about themselves online because there is a great chance that if their data gets stolen, criminals will try to sell it on the dark web,” Daniel Markuson, a cybersecurity expert at NordVPN said.