The Largest Data Breach in all of Cybersecurity?
- J1 Lee
- Sep 12, 2022
Updated: Jan 15, 2024
In July 2022, an anonymous hacker by the alias of ChinaDan bid 10 bitcoin ($200,000) for 23 terabytes of data from the Shanghai police database. The database was supposed to include the private information of 1 billion Chinese citizens, including national ID numbers and criminal case details. The offer was placed on a hacker forum called Breach Forums. However, the website has now deleted all relevant posts and comments relating to ChinaDan’s post. As of July 24th, 2022, no official statement regarding the takedown has been given by the website.
It wasn’t the complexity of the breach that led to this incident, but rather the lack of security measures protecting Chinese citizens. A Chinese cybersecurity agent had unintentionally leaked the access code and link to a server that held the data in a public forum post. The link didn’t require a two-factor authentication code and allowed anyone to access these files for seven months. Exploiting the loopholes in the security, the hacker used the link to discreetly download the data over the span of seven months.
To confirm the legitimacy of the data, the hacker released sample data of 250,000 citizens in the .json format. Cybersecurity experts analyzed the data and confirmed it to be likely legitimate. In this case, there is no guarantee that the data is authentic; however, the sheer scale and detail of the sample are almost impossible for a single person to fake. The sample included the name, ethnicity, address, geohash, longitude, latitude, prior charges, and, most intriguingly, a confidence score for each person. The confidence score likely dictated the amount of surveillance necessary for a certain citizen. The photos displayed from TechCrunch show the Chinese police record translated into English with personal information redacted.

Although individuals online had open discussions regarding the topic, the Chinese government has actively tried to censor discussion of it in China. The #dataleak trend on Weibo has been blocked. The data leak has not only exposed the Chinese government’s outdated and inadequate security, but also exposed the government’s unjust censorship and oppression of minority races. For the past few years, the Chinese government has been accused of oppressing the Uyghur Muslims in Xinjiang, and the data substantiated such claims. The sample data mentions that a certain citizen had used a VPN (virtual private network) to go to the “foreign website twitter and forward reactionary remarks.” This reveals that openly expressing disagreement with the government can become part of a Chinese citizen’s criminal history.
Although the data breach cannot be truly authenticated, it is highly likely that the data is reliable. In fact, multiple cybersecurity experts from the New York Times, CNN, and Wall Street Journal have all verified portions of the data to be genuine. The data leak not only sets a record as the largest data breach in history, but can also potentially lead to collateral damage irreversibly affecting the Chinese government.