• Chinese authorities have intensified their investigation to determine the veracity of the claim announced by a hacker in a forum.
• The theft of personal data from one billion Chinese residents has raised alarm among online users.
• Binance CEO Zhao Changpeng reported that his company detected the alleged personal records breach.

The hacker who identified himself with the pseudonym “ChinaDan” would have managed to breach the security systems of the Shanghai police, stealing personal information from some 1 billion Chinese national residents. If this fact is true, it would make it the biggest data theft in history.

Last week, the hacker published a post on the hacker forum Breach Forums in which he showed the gigantic data leak equivalent to 23 terabytes (TB) for sale for a price of 10 bitcoins (about $200,000).

“In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on billions of Chinese citizens,” the hacker wrote in the publication cited by Reuters, which claimed to have been unable to confirm its authenticity.

It added that the database also contains information on "several billion case records, including: name, address, birthplace, national ID number, mobile number, all crime/case details."

Chinese Government Remains Silent

The data leak has caused a stir among the Chinese authorities as well as a series of speculations about the veracity of the hack.

Binance CEO and founder Zhao Changpeng commented on the alleged information theft on his Twitter account on Monday. He said the exchange platform detected the breach of one billion resident records "from an Asian country."

However, he did not specify which one, which has caused the Chinese police to intensify the verification of the alleged theft and investigate how it could have happened. Neither Beijing nor the Shanghai police department have so far responded to requests for comment.

Zhao said the theft occurred "Likely due to a bug in an Elastic Search deployment by a gov agency." And he added: “This has an impact on measures to detect/prevent hackers, mobile phone numbers used for account takeover, etc.”

The post with the unknown hacker’s comments has been going viral on Chinese social media platforms WeChat and Weibo since the weekend to the point that Weibo blocked the hashtag “data leak” on Sunday afternoon.

The Worst Cyber Attack in History

Meanwhile, Chinese users are worried and fear that the cyber attack that caused this data leak could be real.

Kendra Schaefer, director of technology policy research at Trivium China, a Beijing-based consultancy, also commented on Twitter that it is “difficult to analyze the truth of rumours” for now.

She indicated that if the stolen data came from the Ministry of Public Security, it would be bad news for "several reasons." "Obviously, it would be one of the biggest and worst infractions in history," Schaefer said.

“The records also allegedly contain details on case files of minors. So that would be a violation of the Minor Protection Law,” she said. “Would be surprised if they don't also contain files on celebs and minor officials,” she added. 

On The Flipside

• What could be the biggest data theft in history comes after the Chinese government’s promise to improve data privacy protection for its citizens.
• It even instructed tech companies to ensure safer storage after user complaints.
• In 2021, the government passed new laws related to the handling of the personal information of online users and other internal data.

Why You Should Care

• If the theft of information from companies and public agencies continues to increase, this year could close with a historical record level, given the number of crimes committed so far.