A cybercriminal named “China Dan” claimed to have stolen personally identifiable information of 1 billion Chinese citizens.
According to an announcement on a dark web marketplace, the threat actor said that the database contained 22 terabytes of records extracted from Shanghai National Police servers. The database, offered for 10 Bitcoin, allegedly included the residents’ names, addresses, contact information, and criminal record checks.
“In 2022, the Shanghai National Police (SHGA) database was leaked,” read the post.
“Databases contain information on 1 Billion Chinese national residents and several billion case records, including: Name, Address, Birthplace, National ID Number, Mobile number, All Crime / Case details,” it added.
China Dan also shared a sample that contained more than 750,000 records of user data for potential buyers to check out.
“At this point, it’s impossible to confirm the scale of the data leak, but five of the people who picked up verified all of the case details listed with their name — information that would be difficult to obtain from any source other than the police,” the Wall Street Journal’s Karen Hao tweeted.
The breach was confirmed by Binance CEO Zhao Changpeng, who said the leak was most likely due to a misconfiguration on an Elasticsearch database server.
“Our threat intelligence detected 1 billion resident records for sale in the dark web, including name, address, national ID, mobile, police and medical records from one Asian country,” Zhao Changpeng tweeted on Sunday. “Likely due to a bug in an Elastic Search deployment by a gov agency.”
If the hack indeed encompasses 1 billion people, it would be one of the largest cybersecurity breaches ever recorded and the largest known for China, Hao also tweeted. But experts remain cautious: the hacker’s claim could be exaggerated or falsified to boost financial gain.