In June, personal data from about 1 billion Chinese people was put up for sale on a popular dark web forum in the largest scandal of its kind. Since then, researchers have seen a rise in the number of other types of personal records from China on cybercriminal marketplaces.
Because of the interest in leaked Chinese data, more attention has been paid to the huge amount of information the Chinese Communist Party collects through its vast surveillance system. In June, unknown hackers said they stole the data on about a billion Chinese people after finding an unprotected police database in Shanghai. This shows major flaws in how government agencies store information about citizens.
Group-IB is a Singapore-based cybersecurity firm. It said that in July, about 290 million records on people in China showed up on an underground market called Breach Forums.
In August, one seller offered the personal information of nearly 50 million users of Shanghai’s mandatory health code system, which is used to enforce quarantine and testing orders. The alleged stash, offered for $4,000, included names, phone numbers, IDs, and COVID status.
Feixiang He is a researcher at Group-IB. He said, “The forum has never seen such an influx of Chinese users and interest in Chinese data. The number of attacks on Chinese users may grow in the near future.”
The research states that before that episode, there were three China-related databases being sold on Breach Forums. This number went up to 17 in July.
The breach could be due to various leaks as well as the attitude of the government in handling the problem.
In the 10 days after the leak in Shanghai, researchers from San Francisco’s Reposify Ltd. found more than 12,700 exposed assets, such as web servers and remote access sites, while checking the Chinese regime’s websites for software flaws. This also included more than 1,400 exposed databases, which could contain millions of accessible data points about Chinese citizens.
Neither Shanghai authorities nor China’s internet regulators have mentioned the police and health system data leaks to the public, and local censors have taken down posts about the leaks from social media.
In the meantime, hackers are getting ready for more data dumps. One new user on the underground database forum said they were selling information about the Shanghai health system when they joined the site in July. They also said they had more leaked information that they could share. The unnamed user wrote, “In my humble opinion, no amount of cyber security [or] data protection could stop data leaks from ever happening.”