An anonymous hacker claims to have obtained data relating to 12.5% of the world’s population by breaching a police database in Shanghai, according to reports.
The alleged breach has spooked some companies like Binance – whose CEO is from China – into bolstering their user verification processes.
Despite knowledge of good password practices being more widespread than ever before – and the use of password managers becoming more common – data breaches continue to happen due to weak account credentials, system bugs, and sluggish approaches to updates.
One Billion Possibly Affected by Breach
A hacker known only as “ChinaDan” was spotted advertising more than 22 terabytes of data, concerning over one billion Chinese citizens.
The stolen information, which made its way onto Breach Forums last week, was offered to anyone who could pay the purchase fee of 10 bitcoins (~$195,000).
“In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on billions of Chinese citizens,” the Breach Forums post said.
The poster claimed the database contained “several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details.”
Is the Data Real?
Whoever is behind the breach has claimed that they were able to obtain the data via a local cloud provided by Alibaba Cloud subsidiary Aliyun, which is part of China's public security/police network.
There’s some evidence that the leak could be due to “a bug in an Elastic Search deployment by a gov[ernment] agency”, as Binance CEO Changpeng Zhao suggested on Twitter.
The individual behind the breach has already shared 750,000 records containing police call records, in the hope of intriguing prospective buyers and letting them verify that the data dump is genuine.
Yi Fu-Xian, a Senior Scientist at the University of Wisconsin-Madison, told the Guardian that the database “contained information about almost all counties in China” including a tiny remote county in Tibet.
China’s most popular social media apps – including Weibo and WeChat – have seen an explosion of chatter about the alleged breach, but certain conversation topics and hashtags relating to the incident have been blocked.
The CEO of Binance, Changpeng Zhao, confirmed on Monday that his company was taking extra precautions to verify users in the wake of the incident.
The news is embarrassing for the Chinese government – which has yet to comment on the leak – considering it has spent much of the last two years attempting to get Big Tech companies to ramp up their data security provisions.
How to Ensure Your Business Isn't Caught Up in a Breach
Although data breaches will continue to happen – and are likely to increase in frequency considering the current commercial availability of ransomware programs – there are things you can do to protect yourself and your business from having the data you hold leaked. Advised steps include:
- Using password managers to create sufficiently long and unique passwords
- Making sure software updates are implemented as soon as they're ready
- Continuously reviewing user permissions and privileges for accounts in your organization
- Using antivirus software to detect malware and stop it from exfiltrating data from your network
- Making multi-factor authentication compulsory for all employee accounts
- Strengthening Active Directory security
- Running and repeating regular data security training with all staff
Following these steps is essential in 2022, and companies that don't will effectively be sitting ducks for any hacker that stumbles upon their network and takes a closer look. With such a market for selling data on the dark web, hackers have all the motivation they need.