Mystery hacker says 1 billion people exposed in ‘biggest hack in history’

Someone known as ‘ChinaDan’ advertised 23TB cache of sensitive data on the dark web

Anthony Cuthbertson
Monday 04 July 2022 20:03 BST
Comments
A mystery hacker claims to have stolen 23TB of sensitive data from roughly 1 billion Chinese citizens
A mystery hacker claims to have stolen 23TB of sensitive data from roughly 1 billion Chinese citizens (Getty/iStock)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A mystery hacker has claimed to have stolen a massive batch of data containing sensitive information on roughly a billion Chinese citizens, with cyber experts warning it may be one of the biggest breaches in history.

The 23 terabyte (TB) cache was allegedly stolen from the Shanghai police department and was advertised on hacking forums in the country.

The anonymous internet user, identifying themselves as “ChinaDan”, posted on Breach Forums last week offering to sell the data for 10 bitcoin, equivalent to about £165,000.

“In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizen,” the post said.

“Databases contain information on 1 Billion Chinese national residents and several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details.”

The Wall Street Journal claims to have verified a small portion of the data, while prominent Chinese tech figures have vouched for its authenticity.

Changpeng Zhao, the CEO of leading crypto exchange Binance, said his company had detected a breach, which he said on Twitter was “likely due to a bug in an Elastic Search deployment by a gov[ernment] agency”. He said his firm had stepped up user verification processes following the alleged hack.

The Shanghai government and police department did not respond to requests for comment on Monday.

The post by ChinaDan was widely discussed on China’s Weibo and WeChat social media platforms over the weekend, with many users worried it could be real. The hashtag “data leak” was blocked on Weibo by Sunday afternoon.

Kendra Schaefer, head of tech policy research at Beijing-based consultancy Trivium China, said in a post on Twitter that it was “hard to parse truth from rumour mill”.

If the material the hacker claimed to have came from the Ministry of Public Security, it would be bad for “a number of reasons”, Ms Schaefer said.

“Most obviously it would be among biggest and worst breaches in history,” she added.

The claim of a hack comes as China has vowed to improve protection for online user data, instructing its tech giants to ensure safer storage after public complaints about mismanagement and misuse.

Last year, China passed new laws governing how personal information and data generated within its borders should be handled.

“Organisations and government entities carry a responsibility to consumers and civilians alike to guard their most valuable information at all costs,” Bill Conner, CEO of cybersecurity firm SonicWall and adviser to GCHQ and Interpol, told The Independent.

“Personal information that does not change as easily as a credit card or bank account number drives a high price on the dark web. This kind of personally identifiable information is highly sought after by cybercriminals for monetary gain. Companies should be implementing security best practices such as a layered approach to protection, as well as proactively updating any out of date security devices, as a matter of course.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in