A 22-Terabyte Breach – Probably China’s Most Significant Cyberattack

In the world of cybercrime, everyone is out to make a name for themselves. A lot have succeeded, some are on the way, and a few have just thrown in the towel. However, when a cybercriminal’s malicious practice earns the title of “The most significant data breach ever impacting China,” that’s when things get interesting.

A few days back, an anonymous threat actor shared a post on a hacker forum. That’s a typical practice among cybercriminals. But to claim to have stolen 22 terabytes of information on roughly 1 billion Chinese citizens? That’s huge.

22 terabytes! That’s a big number that can cause chaotic damage if the stolen data was released to the public. The hacker is asking for a ransom in exchange for the data. How much is it? How did someone accomplish such an attack in China? We’ve discussed everything in the following article.

ChinaDan Strikes – Shanghai National Police’s Database Breached

Data breaches saw a huge spike in 2022 as cybercriminals are finding new innovative ways to infiltrate systems. China is well known to host the finest hackers in the world.

In fact, for the past couple of years, Chinese hackers have targeted major telecommunications firms around the world.

But now, one hacker is storming the news as the threat actor who committed the biggest breach in China’s history.

According to this anonymous individual, the breach contains information from the Shanghai National Police (SHGA) database.

The threat actor claims to have stolen around 22 terabytes of information that belong to more than 1 billion Chinese citizens. Everything became available on a hacker forum under the name “ChinaDan.”

The post clearly states how many residents have been affected and what data was stolen. The allegedly stolen data include Chinese national residents’ names, addresses, national ID numbers, mobile numbers, and several billion criminal records.

Here’s what ChinaDan had to say:

“In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizens.

Databases contain information on 1 Billion Chinese national residents and several billion case records, including: Name, Address, Birthplace, National ID Number, Mobile number, All Crime / Case details.”

When attackers ask for some sort of ransom, they usually calculate how much the data is worth. However, this particular threat actor is asking for 10 bitcoins (approximately $195,000).

Aside from the post, ChinaDan also shared a sample with 750,000 records. This sample contains delivery info, ID information, and police call records. With this, if any potential buyer is interested in the data, they can request the sample and verify its legitimacy.

Are The Claims Just Claims?

Unfortunately, what the hacker is claiming might be true. Binance CEO Zhao Changpeng confirmed that his company’s intelligence experts spotted the leak.

Apparently, the Chinese government agency accidentally exposed an ElasticSearch database. The threat actor wasted no time in exploiting it.

“Our threat intelligence detected 1 billion resident records for sell in the dark web, including name, address, national id, mobile, police and medical records from one asian country. Likely due to a bug in an Elastic Search deployment by a gov agency.” 

Zhao added that the exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials.

Such breaches happen all the time, but this one hits differently. If the hacker’s claims turned out to be true, this would be the most significant data breach to ever hit China. Not to mention that it also would be one of the largest in history.

ChinaDan’s Shanghai National Police Breach – A Name That Made History

It is always important for all companies to enhance their security measures, especially when they have sensitive information on the line.

Today, with this Shanghai National Police breach, a single hacker made a name for himself at the expense of 1 billion Chinese residents. So far, we don’t know if the claims are true, but still, the incident is huge.