An unknown under the nickname ChinaDan posted a message on a hacker forum in which he claims to be selling a database he stole to the police of one of the largest cities in China.
The attacker offers to buy data from the servers of the Shanghai National Police (SHGA) for 10 bitcoins (about $ 200,000) from him for cryptocurrency.
“The leak happened in 2022. This database contains many terabytes of information about billions of Chinese citizens,” says ChinaDan.
It has been officially confirmed that as a result of the hack, the personal data of more than 1 billion people in China were compromised. The information includes names, addresses, government identification numbers, mobile phone numbers, and other sensitive information.
CEO of the largest crypto exchange Binance Changpeng Zhao confirmedthat the exchange’s threat intelligence system found that 1 billion resident records from “one Asian country” were up for sale on the dark web and on BreachForums. The exchange claims to have stepped up its verification processes for users whose data was leaked to the network:
“Police and medical records leaked, likely due to an error in the deployment of Elastic Search by a government agency.”
In turn, the co-founder of the Web3 Manta Network privacy project, Kenny Li, said that the crime could have consequences for the crypto industry:
“The stolen data can be used to exploit users and perform activities such as phishing attacks to steal keys or gain unauthorized access to centralized exchange applications.”
In June, the collectible token (NFT) trading platform OpenSea reported that users’ email addresses had been leaked and warned of the possibility of phishing.