One billion Chinese individuals’ personal information has allegedly been stolen by a hacker from the Shanghai police, which, according to cyber experts, would represent one of the greatest data breaches in history.
Last week, the “ChinaDan” internet user posted on the hacker forum Breach Forums offering to sell the more than 23 gigabytes (TB) of data for 10 bitcoin, or almost $200,000.
“The Shanghai National Police (SHGA) database was compromised in 2022. Many TB of data and information about billions of Chinese citizens are contained in this database “claimed the article.
“Databases contain information on 1 billion inhabitants who are Chinese nationals and several billion case data, including name, residence, birthplace, national ID number, cellphone number, and all crime/case details.”
On Monday, demands for comment were not answered by the Shanghai police or administration.
By Sunday afternoon, the hashtag “data leak” had been disabled on Weibo.
It is “impossible to parse fact from rumor mill,” wrote Kendra Schaefer, head of tech policy research at the Beijing-based consultancy Trivium China, in a post on Twitter.
If the information the hacker claimed to possess originated from the Ministry of Public Security, Schaefer said it would be terrible for “a lot of reasons.”
It would undoubtedly rank among the worst and largest breaches in history, she added.
The threat intelligence of the cryptocurrency exchange discovered the sale of documents belonging to 1 billion citizens of an Asian nation on the dark web, according to Zhao Changpeng, CEO of Binance, who said on Monday that the exchange has tightened user verification procedures.
He suggested on Twitter that a leak may have occurred as a result of “a problem in an Elastic Search deployment by a (government) agency,” but he did not specify if the Shanghai police case was the subject of his comment. A request for more comment did not receive a prompt response from him.
The hacking accusation comes at a time when China has committed to strengthen security of internet user privacy, ordering its tech titans to ensure safer storage in response to widespread concerns about improper handling and abuse.
China approved new legislation controlling the handling of personal data and data generated inside its borders last year.