A hacker going by the pseudonym “ChinaDan” has posted a thread on a popular hacking forum BreachForums, stating that they are selling Shanghai’s National police database (SHGA).
The hacker states that the database contains multiple terabytes of data containing roughly a billion Chinese citizen records.
The data was apparently siphoned from the host: http://oss-cn-shanghai-shga-d01-a.ops.ga.sh
The leaked data contains 1 billion Chinese national resident records and several billion case records, including:
- Names
- Addresses
- Birthplace
- National ID number
- Mobile number
- All crime & case details
Due to speculation about the sheer amount of data ChinaDan has access to, he shared a sample of 750,000 records. These records contained delivery info, ID information, and police phone call records. This sample allowed interested buyers to have some proof before making such a large purchase.
“In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizens,” the hacker stated in his post last week.
The hacker verified the info was exfiltrated from a local private cloud supplied by Aliyun (Alibaba Cloud), a component of the Chinese police network.
Binance CEO Zhao Changpeng has looked into this massive data breach and has confirmed it’s legitimate via his company’s threat intelligence experts. They stated the leak was possibly due to an ElasticSearch database that the Chinese government posted online by accident.
“Our threat intelligence detected 1 billion resident records for sale on the dark web, including name, address, national id, mobile, police, and medical records from one Asian country. Likely due to a bug in an Elastic Search deployment by a gov agency,” Zhao stated.
“This has an impact on hacker detection/prevention measures, mobile numbers used for account takeovers, etc.”
Zhao tweeted later that “apparently, this exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials.”
Wall Street journalist Karen Hao contacted over a dozen individuals who had their info presumably compromised in the breach and claimed that a number of them verified all the info obtainable in the 750k sample.
“At this point, it’s impossible to confirm the scale of the data leak, but five of the people who picked up verified all of the case details listed with their name — information that would be difficult to obtain from any source other than the police,” Hao added.
“The other four confirmed basic information like their names before hanging up.”
If the leak is proven to be legitimate, this will go down in history as the largest data breach to have ever hit China, and will also go down as one of the largest data breaches in history.