Where did hackers get the data and for what purpose did they publish it in the public domain?
On May 6, the Cybernews research team found a huge data set on the Internet containing personal information exclusively for Chinese citizens. The amount of data has already exceeded 1.2 billion records and continues to grow.
The first entry to this archive was added on April 29, and in just a week the amount of data increased to 1,230,703,487 entries. The leak covers about 100 gigabytes and contains mostly phone numbers, but often other sensitive data, such as home addresses and ID numbers.
Most of the data is collected from previously leaked public databases, but there are also unique and previously unseen data sets. The researchers suggest that an organized group with potentially malicious intentions is behind the data collection.
What is included in the leak?
All this data is stored on servers in Germany, and the Kibana interface, through which you can view data, is set to simplified Chinese, which hints at the origin of the administrator.
Potential hazards
Despite the absence of passwords in the leaked data, fraudsters can use this information to conduct large-scale fraudulent operations, including spam and phishing. Phone numbers, in particular, can be used to authenticate or restore access to accounts, which increases the risk of personal information theft or unauthorized access.
Cybercriminals can also use the collected data for social engineering, for example, trying to build trust and get more sensitive information from the victim.
Cybernews researchers have already informed the German cloud provider about illegally stored data. It is likely that he will soon take certain steps to protect them. This leak was the second largest this year, behind only the Mother of All Leaks collection, which includes 26 billion records.
On May 6, the Cybernews research team found a huge data set on the Internet containing personal information exclusively for Chinese citizens. The amount of data has already exceeded 1.2 billion records and continues to grow.
The first entry to this archive was added on April 29, and in just a week the amount of data increased to 1,230,703,487 entries. The leak covers about 100 gigabytes and contains mostly phone numbers, but often other sensitive data, such as home addresses and ID numbers.
Most of the data is collected from previously leaked public databases, but there are also unique and previously unseen data sets. The researchers suggest that an organized group with potentially malicious intentions is behind the data collection.
What is included in the leak?
- 668,304,162 records, including QQ account numbers and phone numbers. QQ is an extremely popular social media app in China, similar to WhatsApp.
- 502,852,106 entries containing Weibo account IDs and phone numbers. Weibo is a Chinese microblogging platform, similar to a hybrid of Twitter* and Facebook**.
- 50,557,417 entries from the ShunFeng database, which includes phone numbers, names, and addresses. ShunFeng provides logistics / courier services in China.
- 8,064,215 entries in the Siyaosu dataset, revealing names, phone numbers, addresses, and ID numbers.
- 746,310 Chezhu records, including names, phone numbers, email addresses, home addresses, and ID numbers.
- 100,790 Pingan records containing names, phone numbers, email addresses, home addresses, services ordered, card numbers, and the amount of insurance paid. Pingan is an insurance company in China.
- 78,487 entries in the Jiedai sub-range, including names, phone numbers, home addresses, ID numbers, places of work, education data, partner names and phone numbers.
All this data is stored on servers in Germany, and the Kibana interface, through which you can view data, is set to simplified Chinese, which hints at the origin of the administrator.
Potential hazards
Despite the absence of passwords in the leaked data, fraudsters can use this information to conduct large-scale fraudulent operations, including spam and phishing. Phone numbers, in particular, can be used to authenticate or restore access to accounts, which increases the risk of personal information theft or unauthorized access.
Cybercriminals can also use the collected data for social engineering, for example, trying to build trust and get more sensitive information from the victim.
Cybernews researchers have already informed the German cloud provider about illegally stored data. It is likely that he will soon take certain steps to protect them. This leak was the second largest this year, behind only the Mother of All Leaks collection, which includes 26 billion records.
