Shanghai has suffered what is potentially the biggest data breach of all time. According to reports, a hacker by the name of ‘ChinaDan’ claims to have stolen 23TB worth of personal information. The stolen data, which involves close to 1 billion Chinese residents, is up for sale. And what may that much information be worth? 10 Bitcoin. Apparently.
ChinaDan, the anonymous hacker, took to Breach Forums in search of a buyer willing to take on 23TB worth of personal data. There are thousands, if not millions of people who would jump at the chance to control as much information as that. The low price of 10 Bitcoin (about R336,000) almost ensures that the data will be sold. Assuming it hasn’t already.
Compared to the hack that took place at Shoprite in June, it seems ChinaDan could have asked loads more for their hard work. The group behind Shoprite’s hack stole 600GB worth of data and was looking for 20 Bitcoin for access to it. 600GB is considerably less than 23TB. Why the price discrepancy?
How to sell 23TB of data? Breach Forums!
In ChinaDan’s post to Breach Forums, they said, “In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizens.”
“Databases contain information on 1 billion Chinese national residents and several billion case records, including names, addresses, birthplaces, national ID numbers, mobile numbers, all crime/case details.”
The Shanghai Police Department has yet to respond to ChinaDan’s claim. This could be due to the reliability of the original post – which is still under scrutiny. This leaves us with more questions, however. If the post was a hoax, the Shanghai Police Department would have no problem denying the breach.
The data breach caused a stir on Chinese social media apps Weibo and WeChat over the weekend. It led to many Chinese residents questioning whether the breach was real or not. By the end of the weekend, Weibo went as far as blocking the hashtag “data breach”.
Who’s to blame?
Zhao Changpeng, CEO of Binance, said that his company had stepped up its game in terms of verification processes. This is because Binance’s threat intelligence detected the sale of records belonging to 1 billion residents of an Asian country on the dark web. He did not go into detail about which country was involved specifically – though it would be strange if another Asian country was involved.
Our threat intelligence detected 1 billion resident records for sell in the dark web, including name, address, national id, mobile, police and medical records from one asian country. Likely due to a bug in an Elastic Search deployment by a gov agency. This has impact on …
— CZ 🔶 Binance (@cz_binance) July 3, 2022
Changpeng believes the leak could have happened because of “a bug in an Elastic Search deployment by a (government) agency.” He did not immediately respond to comments after the claim. Hours later, he took to Twitter again, saying, “apparently this exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials.” Meaning Elastic, the Chinese software company.
Elastic says it is wrong to cite them as the source of the breach.
Last year, China passed new laws which dictate how personal information and data are handled within the country’s borders. It may not have made much difference, as it didn’t affect the hacker’s ability to (probably) steal 23TB worth of data.