Home1 billion personal data breached in ChinaChina records biggest ever database leak in history, 1 billion personal data...

China records biggest ever database leak in history, 1 billion personal data breached

Source : Asian News International (ANI)


China records biggest ever database leak in history, 1 billion personal data breached
Exhibitors show a big data visual analysis decision platform during the 2018 China international big data industry expo in Guiyang, southwest China’s Guizhou Province, May 26, 2018. [Photo/Xinhua]



Beijing: China recorded the biggest ever database leak in history with nearly one billion personal data being online for more than a year.

The leak could be one of the biggest ever recorded in history, cybersecurity experts say, highlighting the risks of collecting and storing vast amounts of sensitive personal data online — especially in a country where authorities have broad and unchecked access to such data, reported CNN.

“As it stands today, I believe this would be the largest leak of public information yet — certainly in terms of the breadth of the impact in China, we’re talking about most of the population here,” said Troy Hunt, a Microsoft regional director based in Australia.

The online database contained the personal information of up to one billion Chinese citizens and was noticed after an anonymous user in a hacker forum offered to sell the data last week.

The anonymous user advertised to sell more than 23 terabytes (TB) of data for sale for 10 bitcoin — roughly USD 2,00,000 — in a post on a hacker forum last Thursday.

The user claimed the database was collated by the Shanghai police and contained sensitive information on one billion Chinese nationals, including their names, addresses, mobile numbers, national ID numbers, ages and birthplaces, as well as billions of records of phone calls made to police to report on civil disputes and crimes, reported CNN.

The vast trove of Chinese personal data had been publicly accessible via what appeared to be an unsecured backdoor link — a shortcut web address that offers unrestricted access to anyone with knowledge of it — since at least April 2021, according to LeakIX, a site that detects and indexes exposed databases online.

A sample of 750,000 data entries from the three main indexes of the database was included in the seller’s post.

Meanwhile, the Shanghai government and police department did not respond to CNN’s repeated written requests for comment.

The seller also claimed the unsecured database had been hosted by Alibaba Cloud, a subsidiary of Chinese e-commerce giant Alibaba.

Alibaba said “we are looking into this” and would communicate any updates. On Wednesday, Alibaba said it declined to comment to CNN.

China is home to 1.4 billion people, which means the data breach could potentially affect more than 70 per cent of the population.

It is unclear how many people have accessed or downloaded the database during the 14 months or more it was left publicly available online.

Unsecured personal data — exposed through leaks, breaches, or some form of incompetence — is an increasingly common problem faced by companies and governments around the world, and cybersecurity experts say it is not unusual to find databases that are left open to public access.

The latest data leak is particularly worrying, cybersecurity researchers say, not only because of its potentially unprecedented volume, but also the sensitive nature of the information contained.

A CNN analysis of the database sample found police records of cases spanning nearly two decades from 2001 to 2019. While the majority of the entries are civil disputes, there are also records of criminal cases ranging from fraud to rape.

In one case, a Shanghai resident was summoned by police in 2018 for using a virtual private network (VPN) to evade China’s firewall and access Twitter , allegedly retweeting “reactionary remarks involving the (Communist) Party, politics and leaders.”

In another record, a mother called the police in 2010, accusing her father-in-law of raping her 3-year-old daughter.

The Chinese government has recently stepped up efforts to improve protection of online user data privacy. Last year, the country passed its first Personal Information Protection Law, laying out ground rules on how personal data should be collected, used and stored.

But experts have raised concerns that while the law can regulate technology companies, it could be challenging to enforce when applied to the Chinese state, reported CNN.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Aatmanirbhar Bharat

All

Defence Ministry set to clear โ‚น70,000 crore frigates’ order

New Delhi: The defence ministry is set to clear a mega โ‚น70,000 crore order for new warships for the Indian Navy. The stealth frigates...

Zen Technologies launches AI-powered robot for global defense market

Zen Technologies, an anti-drone technology and defence training solutions provider, in collaboration with its subsidiary AI Turing Technologies on Monday introduced AI-powered robot Prahasta,...

AMCA 5th Generation Stealth Fighter Updates

AMCA to be integrated with sophisticated indigenous Distributed Aperture System (DAS) that making it a formidable air asset for the Indian Air Force

Source : IgMp Bureau Indiaโ€™s Advanced Medium Combat Aircraft (AMCA) is on the brink of a revolutionary transformation with the integration of a sophisticated Distributed...

AMCA to incorporate the best features of both 5th and 6th Generation fighters: ADA sources

Source : IgMp Bureau India's strides toward indigenous air dominance receive a substantial boost with the green signal for the Advanced Medium Combat Aircraft (AMCA)...

Most Popular

Recent Comments

Archive Months

Miscellanous

Rafah: Israeli tanks advance into areas in north and south Gaza

Israeli forces advanced further on Sunday into the Shejaia neighbourhood of northern Gaza and also pushed deeper into western and central Rafah in the...

Govt approves โ‚น6,828 crore deal to procure 70 HTT-40 Basic Trainer Aircraft from HAL

Source : Asian News International (ANI)HTT-40 Basic Trainer Aircraft designed and manufactured by HALNew Delhi: The Union Cabinet on Wednesday approved procurement of 70...

Vijay Diwas Parade: Vijay Diwas: BSF organises first-ever parade in Delhi to mark 1971 war victory

The BSF held a first-ever "Vijay Diwas Parade" here on Saturday to commemorate the 1971 Bangladesh Liberation War that saw a historic victory of...
Visits
error: Content is protected !!