[ad_1]
Hackers claim to have obtained a trove of data on 1 billion Chinese from a Shanghai police database, in what could be one of the largest data breaches in history if confirmed.
In a post on Breach Forums, an online hacking forum last week, someone using the handle “ChinaDan” offered to sell nearly 24 terabytes (24 TB) of data, including information on what they claim was a billion people and “billion cases”. Record”. 10 bitcoins, worth about $200,000.
The data is said to include information from the Shanghai State Police database, including names, addresses, ID and mobile phone numbers, and case details.
The data sample seen by The Associated Press listed names, birthdays, ages and mobile phone numbers. 1 person is listed as “born in 2020” and the age is “1”, indicating that the data obtained in this violation contains information of minors.
The Associated Press could not immediately verify the authenticity of the data samples. Shanghai police did not immediately respond to a request for comment.
The data breach initially sparked discussions on Chinese social media platforms such as Weibo, but censors later began blocking keyword searches for “Shanghai data breach.” They were skeptical until they verified some personal data leaked online by trying to search for people on Alipay using their personal information, one person said.
“Everyone, please be careful in case there are more phone scams in the future!” they said on Weibo.
Another commented on Weibo that the leak meant everyone was “streaking” — a slang term used to refer to a lack of privacy — “shocking”. Experts say the breach, if confirmed, would be the largest in history.
Kendra Schaefer, a technology partner at policy research firm Trivium China, said in a tweet, “It’s hard to parse out the truth from the rumor mill, but it is possible to confirm the existence of the documents.” Michael Gazeley, managing director of Hong Kong-based security firm Network Box, said in a tweet , such data breaches are fairly common.
“There are currently about 12 billion compromised accounts posted on the dark web. That’s more than the world’s total,” he said, adding that most data breaches typically originate in the United States.
Chester Wisniewski, chief research scientist at cybersecurity firm Sophos, said the breach “could be very embarrassing to the Chinese government” and that the political harm could outweigh the harm to the people whose data was leaked.
A policeman monitors a traffic light at an intersection in Shanghai, Tuesday, May 31, 2022. Hackers claim to have obtained a trove of data on 1 billion Chinese from a Shanghai police database, in what could be one of the largest data breaches in history if confirmed. (AP Photo/Wu Hanguan)
Much of the data, he said, is similar to that held by ad companies running banner ads.
“When you’re talking about a billion people’s information and it’s static, irrespective of where they’re traveling, who they’re communicating with or what they’re doing, then it becomes less interesting,” Wisniewski said.
Still, once hackers get the data and put it online, it’s impossible to delete it completely.
“Once the information is released, it’s there forever,” Wisniewski said. “So if someone thinks their information is part of this attack, they have to assume that anyone can use it forever and they should take precautions to protect themselves.” A major cryptocurrency exchange said it had stepped up Verification procedures to prevent fraudulent attempts, such as using personal information from reported hacking attacks to take over people’s accounts.
Changpeng Zhao, CEO of cryptocurrency exchange Binance, tweeted on Monday that its threat intelligence had detected the sale of “1 billion resident records.” “This will have implications for hacker detection/prevention measures, mobile numbers used for account takeovers, etc.,” Zhao wrote in his tweet, before saying that Binance had tightened verification measures.
In 2020, a major cyberattack believed to have been launched by Russian hackers compromised multiple U.S. federal agencies including the U.S. State Department, the Department of Homeland Security, telecommunications companies and defense contractors.
Last year, more than 533 million Facebook Users posted their data on hacker forums after hackers stole their data as a bug was patched.
[ad_2]
Source link