Hacker Sells Data of One Billion Chinese Citizens on Dark Web

A hacker under the nickname ChinaDan put up for sale data on a one billion Chinese citizens – these are several databases that contain more than 22 TB of information. The attacker valued this dump at 10 bitcoins (about $195,000).

ChinaDan claims the data was stolen from the Shanghai National Police (SHGA) and the database contains names, addresses, national ID numbers, contact numbers and information on several billion criminal convictions.

Let me remind you that we also wrote that Chinese authorities use AI to analyze emotions of Uyghur prisoners, and also that China has officially legalized the “Social Credit System”.

To prove his words, the hacker has already published a sample of data containing 750,000 records in the public domain. In addition to the information listed above, the sample even contains data on the transport of detainees and instructions for drivers.

data on billion Chinese citizens

According to the attacker, the data was stolen from Aliyun’s local private cloud (Alibaba Cloud), which is part of the Chinese police network.

The Wall Street Journal journalists decided to make sure that the data in the dump was indeed genuine and for this they tried to contact people whose information can be found in this database.

Five people confirmed all the information, including details of the [judicial] cases, which would be difficult to obtain anywhere other than the police. Four other people confirmed basic information, such as their names, before hanging up.
Changpeng Zhao
Changpeng Zhao

Even the head of the Binance cryptocurrency exchange, Changpeng Zhao, drew attention to this colossal leak. He said on Twitter that his company’s experts believe that the ElasticSearch database, which the Chinese government accidentally left unprotected, was the cause of the leak.

He later added that the attack was due to the fact that a government developer wrote a technical blog post on CSDN and accidentally forgot to hide the credentials in the post.

The Chinese authorities have so far remained silent and have not commented on this incident, but if ChinaDan’s claims turn out to be true, this leak will be the most serious ever to affect China, and, overall, one of the largest leaks in history.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button