Cyber security news for all


    Massive Data Breach Exposes Over 1.2 Billion Records of Chinese Citizens

    A mysterious actor compiles a vast dataset, potentially for malicious purposes.

    Introduction: In a significant cybersecurity incident, over 1.2 billion personal records primarily belonging to Chinese citizens have been leaked online due to a misconfiguration in an Elasticsearch database. The data, discovered by the Cybernews research team on May 6th, encompasses a wide range of sensitive information.

    Event Discovery and Initial Analysis: Cybernews researchers stumbled upon a colossal dataset targeting individuals from China, which an unknown actor inadvertently exposed through a misconfigured Elasticsearch instance. The leak, primarily a compilation of multiple breaches (COMB), was first uploaded on April 29th and has since grown to include 1,230,703,487 records.

    Details of the Exposed Data: The exposed data varies, with every record containing at least a phone number. Other details include addresses, ID card numbers, and more. Notably, the COMB hosts data from various sources, including previously public leaks and some datasets not seen before. Sub-datasets within the COMB reveal information from social media apps like QQ and Weibo, logistics services like ShunFeng, and other personal details linked to services like Ping An Insurance.

    The Scope and Potential Impact: Covering nearly 87% of China’s population, the breach’s vast scale suggests it may be used for large-scale scams or phishing operations. With the data hosted in a German data center and the Kibana instance set to Simplified Chinese, there is speculation that the administrator might also be Chinese.

    Ongoing Investigations and Concerns: As of now, no individual or group has claimed responsibility for the dataset. However, the nature of the data suggests it might be used for illegal activities. The German cloud provider has been informed about the illicitly stored data, and steps are being taken to secure the exposed data. Past data incidents in China, including the 2022 Shanghai police breach, highlight the growing concern over data security in the region.

    Conclusion: The incident underscores the critical need for stringent cybersecurity measures and proactive monitoring to prevent data leaks. Individuals in China are advised to remain vigilant, as their data could be used in future malicious campaigns targeting a vast number of people.

    Advice for the Affected: Affected individuals should monitor for any unusual activity and be cautious of phishing attempts or scam calls. No passwords were included in the data, but other personal information could still be exploited by cybercriminals.
