How will China respond to its largest data leak?

China is known for its strict rules on data. As the world’s most populated country, it generates a vast amount of data, and securing it has been critical. Over the years, reports of data leaks in China have hardly occurred, as the government’s strict policies on data leave no opportunity for leaks.

Interestingly, things have now taken a turn, as China is facing what appears to be its largest data leak ever. Over the years, China has repeatedly been accused of using state-sponsored hackers for espionage purposes. Now, reports show that its own data has been compromised as well. There is no denying that data leaks have become common in most countries and organizations in recent times, but the incident in China is a rather interesting one, as it involves a police database.

According to a report by Bloomberg, unknown hackers claim to have stolen the data of a billion Chinese residents after breaching a Shanghai police database. The report stated that the person or group claiming responsibility for the attack is willing to sell more than 33 terabytes of stolen data from the database for 10 bitcoin.

Bloomberg stated that an anonymous post on an online cybercrime forum had revealed that the database includes names, addresses, birthplaces, national IDs, phone numbers, and criminal case information. The 10 bitcoin price is worth around US$200,000. Industry experts say that this breach could be the largest ever in the country’s history.

Meanwhile, AsiaMarkets posted a screenshot of the data leak which also included a sample data set, with 750,000 files from the database. The sample data has been uploaded onto the forum’s servers.

In a series of tweets, Changpeng Zhao, CEO of Binance, also stated that the company’s threat intelligence had detected 1 billion resident records for sale on the dark web. He tweeted that the information was possibly leaked due to a bug in an Elasticsearch deployment by a government agency.

He also said that this has an impact on hacker detection and prevention measures, while the exposed mobile numbers could be used for account takeovers and similar abuse. Zhao advised all platforms to enhance their security measures in this area. He also pointed out that Binance has already stepped up its verifications for users who are potentially affected.

Zhao is just one of the many security professionals and members of the community in China who have been surprised and shocked by the data leak. Countless speculations have since been triggered, especially about how secure the data was and how the leak could have occurred.

Bloomberg stated that a popular theory circulating among cybersecurity experts is that the data leak involved a third-party cloud infrastructure partner. In China, Alibaba Cloud, Huawei Cloud and Tencent Cloud are among the country’s biggest external cloud service providers.

As expected, authorities in Shanghai remain tight-lipped and have not publicly responded to the data leak. China’s internet overseer, the Cyberspace Administration of China, as well as the city’s police have also not responded to requests for comment from media organizations.

Meanwhile, Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software Technologies, explained that cybercriminals are frequently looking for opportunities to steal databases from different organizations. While in some cases they use sophisticated malware families, in other cases hackers scan the IP ranges of different organizations to identify unprotected assets and databases from which to steal.

“In this particular case, as such a large database of personal information was leaked, there is a high chance that cybercriminals may use the data for phishing and spear-phishing attacks. As this database also includes mobile numbers, we recommend organizations in China to be prepared for a possible wave of smishing attacks,” he commented.