A hacker claims a massive data leak in China, which exposes information from 1 billion Chinese citizens. And the threat actor is now selling these allegedly stolen data on the dark web for 10 Bitcoins or $195,000.
Cybersecurity experts are now saying that if the claims of the anonymous hacker were, in fact, true, the China data breach would be one of the largest in entire history.
China Data Leak of 1 Billion Chinese Citizens
As per a news story by Reuters, an anonymous hacker, who goes by the alias "ChinaDan," went on to post about the breach on a hacker forum. The hacker also put over 23 terabytes (TB) of allegedly Chinese data up for sale online.
ChinaDan boldly claims to have stolen information of Chinese citizens straight from the database of the Shanghai Police of the Asian territory.
The anonymous user posted on the hacker forum that "the Shanghai National Police (SHGA) database was leaked." The hacker also says that the database of the SHGA "contains many TB of data and information on Billions of Chinese citizens."
The post reveals that the stolen data allegedly includes various information from citizens of the Chinese nation, such as their names, addresses, birthplace, national ID numbers, and contact numbers.
But on top of these data, the threat actor claims the leak also exposed criminal records and case details.
Hacker Shares China Data Breach Sample
Meanwhile, according to a recent report by Bleeping Computer, ChinaDan tries to prove that the whole China data leak is not a mere bluff.
The hacker shared a preview of the stolen data. ChinaDans claims it to be records of roughly 750,000 delivery information and police calls. This sample attempts to lure in buyers to make them believe that the breach is not fake at all.
Binance Threat Intelligence Weighs In
The Binance Chief Executive Officer (CEO), no less than Changpeng Zhao, confirmed the threat intelligence experts of the crypto exchange platform saw the post of ChinaDan on the dark web.
The big boss of Binance initially said that the data leak is "likely due to a bug in an Elastic Search deployment by a gov agency."
The Binance CEO also says that the whole breach appears to have started when a government developer accidentally includes the login credentials in a tech blog post.