Hold the phone! One billion in hack attack
A hacker is offering for sale what he claims to be the personal details of a billion Chinese citizens. If the data, thought to come from police records, is genuine, it represents one of the world’s biggest online security breaches.
The hacker, who uses the alias ChinaDan, wants 10 bitcoin (which is worth about $US200,000) for the 23-terabyte database.
He says it holds information on a billion Chinese citizens, including name, address, national identification number, phone number, birthplace and, if relevant, criminal record.
Photos from death certificates, driving licences and practice permits as well as government facial recognition systems are also included.
Sample files supplied by ChinaDan have been verified as authentic by security experts from The Wall Street Journal, who called several people on the mobile numbers listed. Five confirmed all the details, including information that would be difficult to obtain from any source other than the police.
One woman, alarmed by the accuracy of the leaked details, asked the newspaper whether the information about her had come from the iPhone she had reported stolen in 2016. Four others confirmed basic information such as their name before hanging up.
The data appears to have come from an assortment of sources, including government services such as police and civil complaints records. The hacker has claimed that the breach came from Aliyun, a cloudcomputing service run by the tech giant Alibaba. It is believed to be the host of the Shanghai police database.