If proven to be accurate, a hacker’s claim that they acquired the personal data of 1 billion Chinese residents from a Shanghai police database would rank among the greatest data breaches in history.
In a post last week on the hacker forum Breach Forums, the anonymous hacker known only as “ChinaDan” offered to sell the more than 23 gigabytes (TB) of data for 10 bitcoin, or almost $200,000 (£165,000).
Unknown is the hacker’s true identity. None of the stories were unable to confirm the post’s veracity, and when contacted by the media, a few of the numbers in the sample database were no longer in operation.
As of Monday, Chinese authorities have not yet commented on the suspected data breach.
Senior scientist Yi Fu-Xian from the University of Wisconsin-Madison claimed to have acquired some sample data from the internet and discovered details about his native county in the province of Hunan.
He added that the demographic trend retrieved from the data is worse than the official reports, adding that the data includes information about nearly all of the counties in China and that he had even found data pertaining to a remote county in Tibet with only a few thousand individuals.
Numerous data leak events have occurred in China in recent years. Sensitive information on influential Chinese people, including Jack Ma, the founder of Alibaba, was published on Twitter in 2016.
The Chinese authorities were concerned by these instances. China approved legislation governing the handling of personal data and data generated within its borders last year.
On China’s Weibo and WeChat social media sites over the weekend, there was a lot of discussion over ChinaDan’s post, with many users concerned that it might be authentic.
On Weibo, the hashtag “Shanghai data leak” was restricted by Sunday afternoon, however there are still some debates about this occurrence on Chinese social media. Some users said they were now “transparent human beings” as they expressed their shock and dismay.
It is “impossible to parse fact from rumor mill,” wrote Kendra Schaefer, head of tech policy research at the Beijing-based consultancy Trivium China, in a post on Twitter.
If the information the hacker claimed to possess originated from the ministry of public security, Schaefer said it would be terrible for “a variety of reasons.” It would undoubtedly rank among the biggest and worst breaches in history.
The CEO of Binance, Zhao Changpeng, stated on Monday that the cryptocurrency exchange had increased user-verification procedures in response to the exchange’s threat.