According to 01Net’s one of the biggest leaks in history?
. news, I share all my suggestions, recommendations and opinions about one of the biggest leaks in history?
with you. Details are below…
A hacker has sold stolen data to the Shanghai police. A database that would contain detailed information on a good part of Chinese citizens. Unheard of, or almost.
Ten bitcoins, which is the equivalent of approximately $200,000. This is what “ChinaDan”, a mysterious hacker, is asking for in exchange for a database containing detailed information… on a billion Chinese citizens. Last Thursday, he posted an unequivocal announcement on a forum frequented by cybercriminals. “In 2022, the Shanghai National Police was hacked. This database contains many terabytes of data and information on billions of Chinese citizens.”
The set of data is indeed staggering in size: in total, it approaches 23 terabytes, a little more than all the texts in the Library of the American Congress! It must be said that it is particularly complete, since it would include the name, address, place of birth, identity number and mobile number of more than one in two Chinese… But also all their past criminal activity, the case applicable.
A blunder with devastating consequences
One of the first to have reported this gigantic leaked is none other than Changpeng Zhao, alias CZ, Binance’s highly publicized boss. In a tweet, he explains that the leak would be the result of a vulgar clumsiness of a developer in the service of the government. He would have simply written a technical article on CSDN (a web platform very popular among Chinese developers) and inadvertently published the login data for the database he was working on.
Apparently, this exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials.
— CZ 🔶 Binance (@cz_binance) July 4, 2022
A blunder with potentially devastating consequences as the data is precise. Because there is enough to easily steal the identity of the individuals concerned, to blackmail them, to target them with diabolical precision during a campaign of phishingetc.
It remains to be seen whether the hacker responsible for this unpublished publication is indeed in possession of this data. This is not yet certain, but many concordant facts tend to prove it. First, because he – as many cybercriminals do – provided a sample of the data in free access. That is no less than 750,000 entries drawn from the database.
— Tuomas Lin Li (@TuomasLinLi) July 3, 2022
Journalist Karen Hao from washington post was thus able to verify the contact details of a dozen citizens listed in the sample. She was able to confirm the information from the base with them in nine cases out of twelve. Among these, several individuals also confirmed the information on crimes and misdemeanors, “ data that would have been difficult to obtain from any source other than the policee,” she says.
Censorship is on full swing
The Chinese authorities are in any case on the teeth. Shanghai police declined to comment. But the censorship machine is already running at full speed. According to the FinancialTimes, tens of thousands of messages about the leak have reportedly been deleted from social networks such as WeChat or Weibo, and several hashtags related to the case erased. Baidu, the local “Google”, would also have removed access to articles that evoked piracy.
If this leak is indeed confirmed, it would obviously be one of the most serious ever recorded. Only the compromise of the Indian Aadhaar biometric database can stand up to him. As a reminder, in 2018, a flaw had been discovered in this system which counts a large proportion of Indian citizens. It allowed access to the personal information of nearly 1.2 billion people!
Although tragic, this data leak has the merit of pointing the finger at an even more serious problem: the extent of the personal information contained by the Chinese authorities. And to remember that it collects, processes and uses an excessive amount of data, with the greatest contempt for individual freedoms.