As Reuters reports, the hacker is going by the handle of ChinaDan, and is selling over 23TB of data for 10 Bitcoin (~RM893033). The report states that the sale of the data is posted on the hacker forum appropriately known as Breach Forums. Also on the post, the hacker claims that the data includes details like names, addresses, birthplaces, national ID numbers, mobile numbers, crime records and case details. WSJ points out that the sample posted by the hacker included 750000 records, with cases that range from incidents like petty theft and cyber fraud to domestic violence. These date as far back as 1995, and as recently as 2019. But with the number of people involved, the claimed hack would be among the biggest in the world, let alone the country. Making things worse is the allegation that it came from a government database. Though on the flip side, WSJ also quotes Troy Hunt, a web-security consultant based in Australia, who points out the possibility that the claim has been exaggerated. Which make sense, since one billion is a large number, even for a country with a population of 1.4 billion.
1 billion records of private citizens’ data. 😭 https://t.co/vPISm534Tn pic.twitter.com/FpMCGrpx08 — CZ 🔶 Binance (@cz_binance) July 4, 2022 According to the report, the anonymous hacker also claimed that the data set was obtained via a breach targetting Aliyun, a cloud computing subsidiary of Alibaba Group. The report also states that the company is aware of the incident and is investigating. Though Zhao Changpeng, CEO of Binance, made an interesting observation on Twitter, stating that “the exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials”. (Source: Reuters, WSJ, Zhao Changpeng / Twitter via Engadget)