Hackers are selling personal records of Chinese citizens stolen during a cybersecurity breach that allegedly targeted a database of Shanghai National Police (SHGA).
The security breach, which occurred sometime in 2022, exposed the personal data of over 1 billion Chinese citizens. The information has now been put it up for sale on both the open and the dark web. It includes names, addresses, government ID numbers, mobile numbers and other sensitive details.
One anonymous hacker who goes by ChinaDan is claiming to sell the stolen information in exchange for 10 bitcoin ($200,000). ChinaDan posted the offer on Breached.to, a hacking forum used by black hat hackers.
Binance CEO Changpeng Zhao said in a Twitter post over the weekend that the exchange's threat intelligence systems detected that 1 billion resident records from “one Asian country” were put up for sale on the dark web. The exchange claims to have ramped up its verification processes for those affected by the breach.
Zhao added that the breach may have occurred due to a buggy deployment of ElasticSearch, an enterprise search and data analytics tool.
Kenny Li, the co-founder of web3 privacy project called Manta Network, told The Block that the breach may have implications for the crypto industry. "User data exposed through data compromises can be exploited to steal additional information such as keys through phishing attacks, or impersonate to gain unauthorized access to applications like centralized exchanges," Li said.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.