Security News > 2022 > July > Hacker claims to have stolen data on 1 billion Chinese citizens

An anonymous threat actor is selling several databases they claim to contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens for 10 bitcoins.

Based on the information they shared regarding the allegedly stolen data, the databases contain Chinese national residents' names, addresses, national ID numbers, contact info numbers, and several billion criminal records.

"In 2022, the Shanghai National Police database was leaked. This database contains many TB of data and information on Billions of Chinese citizens," the threat actor said in his post last week.

"Databases contain information on 1 Billion Chinese national residents and several billion case records, including: Name, Address, Birthplace, National ID Number, Mobile number, All Crime / Case details."

On Sunday, Binance CEO Zhao Changpeng confirmed that his company's threat intelligence experts spotted ChinaDan's claims and said that the leak was likely due to an ElasticSearch database that a Chinese government agency accidentally exposed online.

"Our threat intelligence detected 1 billion resident records for sell in the dark web, including name, address, national id, mobile, police and medical records from one asian country. Likely due to a bug in an Elastic Search deployment by a gov agency," Zhao said.

News URL

https://www.bleepingcomputer.com/news/security/hacker-claims-to-have-stolen-data-on-1-billion-chinese-citizens/