SHANGHAI: A hacker has claimed to have obtained a wealth of personal data on one billion Chinese citizens from the Shanghai police, which, according to tech experts, if true, would be one of the largest data breaches in history.
The “ChinaDan” internet user offered to sell over 23 terabytes (TB) of data for 10 bitcoin, or about $200,000, in a post last week on the hacker forum Breach Forums.
“The Shanghai National Police (SHGA) database was compromised in 2022. Many TB of data and information about billions of Chinese citizens are contained in this database “said the post.
Data bases include name, address, birthplace, national ID number, mobile number, and all crime/case details for 1 billion Chinese national residents and several billion case records.
On Monday, requests for comment were not answered by the Shanghai police or government.
By Sunday afternoon, the hashtag “data leak” had been disabled on Weibo.
It is “hard to parse truth from rumour mill,” wrote Kendra Schaefer, head of tech policy research at the Beijing-based consultancy Trivium China, in a post on Twitter.
According to Schaefer, there are “a number of reasons” why the information, which the hacker claimed to have obtained from the Ministry of Public Security, would be bad.
It would undoubtedly rank among the worst and biggest breaches in history, she said.
The threat intelligence of the cryptocurrency exchange discovered the sale of records belonging to 1 billion residents of an Asian nation on the dark web, according to Zhao Changpeng, CEO of Binance, who announced on Monday that the exchange had tightened user verification procedures.
He suggested on Twitter that a leak may have occurred as a result of “a bug in an Elastic Search deployment by a (government) agency,” but he did not specify whether the Shanghai police case was the subject of his comment.