One billion people: they would be the potential victims of the sensational theft of sensitive data by hackers in China, as reported by Bloomberg.
It could be an individual or an as yet unidentified team, which allegedly breached the
Shanghai police databases
, gaining access to the personal information of a billion Chinese (out of a population of just over 1.4 billion inhabitants).
According to the source, the huge archive, of 23 terabytes of data, went on sale on the dark web for
10 bitcoins
, over $ 198,000.
The data includes the names, addresses, places of birth, identification numbers of the identity cards and mobile phones of the victims.
The Wall Street Journal took possession of a portion of the archive, partially verifying its
correctness
by crossing public information about crimes in which the Shanghai police have been interested since 1995.
The confirmation comes from some leading cybersecurity experts, such as Pierluigi Paganini, who observes: “The Shanghai police database has been accessed.
Databases run by local law enforcement are obviously packed with information that could be used in the future to target unsuspecting citizens.
The availability of the online database was also confirmed by the CEO of the popular cryptocurrency exchange
Binance
, Zhao Changpeng ”.
“The company's threat intelligence group recently found this immense online archive available for sale on a well-known
cybercrime forum
,” explains Paganini.
How did this happen?
Rumors speculate that there was a problem with a cloud service provider holding the data.
It is not clear if it was hacked or if the data ended up online due to configuration problems of the infrastructure that hosted them ”.
The first investigations speak of an access obtained through the cloud computing company of the Alibaba group,
Aliyun
, on whose servers the archive was hosted.
Alibaba itself is investigating the matter: if the violation is confirmed, it would be the
most serious in China's history
.
The country has seen an escalation of security incidents in recent years.
In 2016, sensitive information about Chinese
managers and entrepreneurs
was posted on Twitter , including
Alibaba founder
Jack Ma. In 2020, China's leading social network,
, admitted data theft of more than 538 million users while in By 2022, Chinese police servers in the Xinjiang region were hacked to steal evidence of the Beijing government's abuses
of Uyghur
ethnic minority .