A hacker claimed to have seized, from the Shanghai police, a multitude of personal information concerning a billion Chinese citizens, which would constitute one of the largest data leaks in history.
Over-the-counter data
The security breach, which occurred in 2022, exposed the personal information of about 1 billion Chinese citizens. The data is now available for purchase on the open web and the darkweb. They contain names, residences, government identification numbers, mobile phone numbers and other sensitive information.
An anonymous hacker, ChinaDan, claims to sell the stolen information for ten bitcoins ($200,000). ChinaDan announced its offer on Breached.to , a computer hacking site.
It is impossible to verify if this information is true, for the moment the Shanghai police or another Chinese government entity did not wish to comment on this major incident. To go further, check out our analysis on Web 3.0 and recent hacks.
Binance CEO warns about this hack
It is in this particularly dangerous context that Binance CEO Zhao Changpen tweeted this :
« Our threat intelligence services have detected a billion resident records from an Asian country for sale on the darkweb, including name, address, national identity, mobile phone numbers, police and medical records. Probably due to a bug in the deployment of Elastic Search by a government agency. This has an impact on measures to detect/prevent hackers, mobile phone numbers used to take control of accounts, etc.
It is important for all platforms to strengthen their security measures in this area. @Binance has already strengthened the checks for potentially affected users. »
It is therefore very likely that the online sale of this gigantic information is real, it shows the unfortunately danger of centralized digitization and the possibility of exploiting this data without the knowledge of people and authorities. Indeed, taking the example of the city of Shenzhen, which distributed 30 million e-CNY, we can imagine that sensitive information is recorded in their databases.
It is difficult to know if an entity will take a serious interest in this offer, but it is likely that the Chinese government will do everything to identify if this hack is real and how to find the person or group of people behind this potential massive hack.
According to Kenny Li, co-founder of the Web3 privacy protection project Manta Network, the intrusion could have consequences for the cryptocurrency industry. « The stolen data could be used to exploit users and do things like phishing attacks to steal keys or unauthorized access to applications like centralized exchanges ”, Li said.
Data security is one of the most important elements in Web 3.0, indeed the decentralization of data makes it possible to prevent a hacker from using a breach in a centralized database in order to seize it. However, it is very difficult to be able to guarantee a fully reliable decentralized protocol and many examples of hacking in Web 3.0 have killed projects ranging from Play-to-Earn to DeFi.
Receive a digest of the news in the world of cryptocurrencies by subscribing to our new daily and weekly newsletter service so you don’t miss anything essential Cointribune!
Observer of the monetary, economic and social revolution.
