Hacker claims he stole data on a billion people from Shanghai police


A hacker claims to have obtained a wealth of personal information on a billion Chinese citizens from Shanghai police in what tech experts say would be one of the biggest data breaches in history.

The anonymous netizen identified as “ChinaDan” posted on the hacker forum Breach Forums last week and offered to use the
more than 23 terabytes (TB) of data for 10 Bitcoin, which is about $200,000 (€197,000).

“In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains TBs of data and information on billions of Chinese citizens,” the post said.

“Databases contain information on a billion Chinese residents and several billion case records including: name, address, place of birth, national ID number, mobile phone number, all crime/case details.”

Reuters could not verify the authenticity of the post.

The Shanghai government and police did not respond to requests for comment.

Reuters was also unable to reach self-proclaimed hacker ChinaDan, but the post was widely discussed on Chinese social media platforms Weibo and WeChat over the weekend, and many users feared it might be genuine.

The hashtag “data leak” was blocked on Weibo on Sunday afternoon.

Kendra Schaefer, head of technology policy research at Beijing-based consultancy Trivium China, said in a post on Twitter that it’s “hard to analyze the truth from the rumor mill.”

If the footage the hacker allegedly came from the Department of Public Safety, it would be bad for “a number of reasons,” Schaefer said.

“Obviously it would be one of the biggest and worst breaches in history,” she said.

Binance CEO Zhao Changpeng said Monday the cryptocurrency exchange stepped up user verification processes after the exchange’s threat intelligence spotted the sale of records from a billion people in an Asian country on the dark web. He said on Twitter that a leak could have occurred due to “a bug in an Elastic Search deployment by a (government) agency,” without saying whether he was referring to the Shanghai police case.

He posted again on Twitter later in the day, saying, “Apparently this exploit happened because the state developer wrote a tech blog on CSDN and accidentally pasted the credentials,” referring to the China Software Developer Network.

Software company Elastic said it was wrong to cite it as the source of the breach.

The Shanghai government did not immediately respond to a request for comment yesterday.

The claim of a hack comes as China has promised to improve privacy protections for online users and has ordered its tech giants to ensure safer storage following public complaints of mismanagement and abuse.

Last year, China passed new laws governing the handling of personal information and data. Hacker claims he stole data on a billion people from Shanghai police

Fry Electronics Team

Fry is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – The content will be deleted within 24 hours.

Related Articles

Back to top button