China suffers massive cybersecurity breach affecting over 1 billion people

Cybercriminals found a way into a Shanghai National Police database, in the largest exploit of personal information in the country’s history.

Image: Adobe

Residents of China are reeling today from the news that a cybersecurity breach led to over a billion people’s personal information being made available to hackers. The sensitive data came from a Shanghai National Police (SHGA) database that was left unsecured in what is the largest cybersecurity gap in the country’s history.

The nature of the exploit was discovered on July 5, when a cybercriminal, going by the username ChinaDan, was offered access to the massive amount of Chinese citizens’ information on a web forum for the sum of $200,000, or 10 Bitcoin.

On the forum, the hacker wrote: “In 2022, the SHGA database was leaked. This database contains many TB of data and information on Billions of Chinese citizen [sic]. Databases contain information on 1 Billion Chinese national residents and several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details.”

According to cybersecurity experts, the data located on the SHGA server was securely stored, until an adversary arranged a gateway, allowing for the server’s firewall to be breached. According to the New York Times, the gateway to the SHGA database was not password protected.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

The scope of the security breach

The attack is believed to have taken place due to unsecured servers of the SHGA, leading to the vulnerability of the sensitive information. Chinese authorities are known to collect massive amounts of data on their citizens through various means by tracking their movements, their social media posts and even going as far as to log the DNA of some of its citizens.

This amount of personal information available for anyone to see may seem overwhelming to those in the western world, but in China both the propensity for unsecured servers and the amount of sensitive data collected is nothing new. Several citizens according to the New York Times report said they were undaunted by the prospect of their information being made available online.

The breach of the SHGA is not the only database to have security issues, as a separate anonymous poster offered to sell data relating to another police database, this time in Henan, which houses over 90 million people.

It remains to be seen which individual or group claims responsibility for the attack, but an extensive amount of information on Shanghai’s citizens is on the internet for potential purchase.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.