Miscellaneous News

GodRektsNoobs

Junior Member
Registered Member
People found that blog today (check the archive record), probably someone Google searched the hostname provided in the breached selling forum and happened to find this credential floating on the web. It is entirely possible the hackers used another method or credentials to access the data. Regardless, even with the credentials, someone had to have internal network access to dump the entire database.

The data allegedly contains the ID number/name and basic info on every person in China (1.4 billion) which is entirely possible for Shanghai police dept to have. The ID/name/addresses were also confirmed by cross-referencing other leaked Chinese databases.
The data allegedly also contains the police records of all the cases in Shanghai from 1949-2021? The sample leak shows some and this is really embarrassing stuff.

There are no photos in the leak, but the json files gave the internal links to the photos. The hackers know transferring all the photos is way too much, just the text data is 23 TB.

Like many others on the internet, I think it is real but the seller has a political motive. 10 BTC for a 23TB leak of that sensitive info is way too little, China will hunt this guy for life. It was also released on Jun 30th (right before July 1st CPC birthday), even though the data was dumped in 2021 (nothing from 2022 showed up in the sample data). Historically nasty things have a habit of showing up before CPC party congresses.
What are the implications of this leak? How did a leak of this magnitude stay on the internet for an entire year without anyone noticing? How were there no heightened network security measures despite the occurrence of numerous past leaks in China, especially considering this is the police force for one of the biggest and most developed cities globally?
 

MortyandRick

Senior Member
Registered Member
People found that blog today (check the archive record), probably someone Google searched the hostname provided in the breached selling forum and happened to find this credential floating on the web. It is entirely possible the hackers used another method or credentials to access the data. Regardless, even with the credentials, someone had to have internal network access to dump the entire database.

The data allegedly contains the ID number/name and basic info on every person in China (1.4 billion) which is entirely possible for Shanghai police dept to have. The ID/name/addresses were also confirmed by cross-referencing other leaked Chinese databases.
The data allegedly also contains the police records of all the cases in Shanghai from 1949-2021? The sample leak shows some and this is really embarrassing stuff.

There are no photos in the leak, but the json files gave the internal links to the photos. The hackers know transferring all the photos is way too much, just the text data is 23 TB.

Like many others on the internet, I think it is real but the seller has a political motive. 10 BTC for a 23TB leak of that sensitive info is way too little, China will hunt this guy for life. It was also released on Jun 30th (right before July 1st CPC birthday), even though the data was dumped in 2021 (nothing from 2022 showed up in the sample data). Historically nasty things have a habit of showing up before CPC party congresses.
Can you link the forum where this person is selling it? Wonder if the Chinese MSS would have the ability to track this guy down or if they are even aware?

How damaging to the country is this leak?
 

coolgod

Colonel
Registered Member
Can you link the forum where this person is selling it? Wonder if the Chinese MSS would have the ability to track this guy down or if they are even aware?

How damaging to the country is this leak?
I have already linked the seller thread in my initial post response, the thread also contains a sample of 750k datapoints which you can download to check for yourself
https://www.reddit.com/r/real_China_irl/comments/vqjlmr
I followed the Twitter thread and found this disgusting sub where everyone is cheering on the leak. Anyways, it suggests the credentials were leaked in a blog post 2 years ago.

I downloaded the sample leak files, if true (I think likely) this is very damaging.
Original breached thread

23 TB for a billion people allows for 20 kb per person. For individual case files that ranges from 1949 to 2021.

What's more, somehow this supposedly massive data is stored in clear text json format. Guess they never needed to do any queries on it?
From the "seller"
----TABLES----
person_address_label_info_slave QFpD25bKTJ2eQBxcbe2Aaw 90 0 546148916 0 172.2gb 172.2gb
nb_theme_address_merge_tracks_slave -bUMVB1uRRusUbbqZepEpA 300 0 37483779369 4 22.4tb 22.4tb
nb_theme_address_case_dwd_test 7COIWTt7QU-YPwWub8z_SQ 150 0 22375506 1749307 25.2gb 25.2gb
nb_theme_address_company_dwd-total fpnmEYB9SI6WevHnZIEwIA 150 0 1842856 0 2.8gb 2.8gb
nb_theme_address_case_dwd-total 7X8oNqULQnWFLpzHDaUTbg 150 0 1214119253 0 1tb 1tb
nb_theme_address_company_dwd_test g5f6l4LGQcGL3oQ6ON2Bbw 150 0 2017931 0 4.3gb 4.3gb
person_address_label_info_master t64pp9WnS3maY9jBjzTtiw 90 0 969830088 0 282.8gb 282.8gb

Data Details:

Databases contain information on 1 Billion Chinese national residents and several billion case records, including:
- Name
- Address
- Birthplace
- National ID Number
- Mobile number
- All Crime / Case details
All crime/case details are for Shanghai only, so not 1.4 billion, there should also be the basic ID info on all 1.4 Billion Chinese. There are also a lot of misc stuff from people all across China which I still haven't figured out in the sample.

Can you link the forum where this person is selling it? Wonder if the Chinese MSS would have the ability to track this guy down or if they are even aware?

How damaging to the country is this leak?
All the Shanghai case details are very damaging. The US already publicly tracks CPC officials. e.g.,

Cross-reference any party members in Shanghai or anyone in powers of authority, the blackmail potential is enormous.
 

eprash

Junior Member
Registered Member
I have already linked the seller thread in my initial post response, the thread also contains a sample of 750k datapoints which you can download to check for yourself



From the "seller"

All crime/case details are for Shanghai only, so not 1.4 billion, there should also be the basic ID info on all 1.4 Billion Chinese. There are also a lot of misc stuff from people all across China which I still haven't figured out in the sample.


All the Shanghai case details are very damaging. The US already publicly tracks CPC officials. e.g.,

Cross-reference any party members in Shanghai or anyone in powers of authority, the blackmail potential is enormous.
Isn't the 20th Congress coming up? Looks like political power will go further north.
 

MortyandRick

Senior Member
Registered Member
I have already linked the seller thread in my initial post response, the thread also contains a sample of 750k datapoints which you can download to check for yourself



From the "seller"

All crime/case details are for Shanghai only, so not 1.4 billion, there should also be the basic ID info on all 1.4 Billion Chinese. There are also a lot of misc stuff from people all across China which I still haven't figured out in the sample.


All the Shanghai case details are very damaging. The US already publicly tracks CPC officials. e.g.,

Cross-reference any party members in Shanghai or anyone in powers of authority, the blackmail potential is enormous.
Now that it is exposed, I would think blackmail potential to be lower since it's already out there. The Chinese MSS must be monitoring the situation, or at least they should know about it, otherwise this is pure incompetence, and I find it hard to believe they are that incompetent.
 

Coalescence

Senior Member
Registered Member
Does anyone else have experience with this forum? It seems all the database leaks are from China? Is this some sort of attack on Chinese databases?
I did a quick look around in the forum, and it seems to be not limited to Chinese database only, there's a lot from US and some from Europe like Germany and Sweden. Reading through the replies in that thread, I'm really amused by some of them think the OP committed a heroic act or humiliated the government.

I think the end result would just be some local government officials getting blamed and sacked from this incident, and a greater push by the central government to further control and regulate data collection on big data companies, while Xi's faction can blame this on the corruption of the opposing faction, increasing his influence in the party.
 

BlackWindMnt

Captain
Registered Member
I did a quick look around in the forum, and it seems to be not limited to Chinese database only, there's a lot from US and some from Europe like Germany and Sweden. Reading through the replies in that thread, I'm really amused by some of them think the OP committed a heroic act or humiliated the government.

I think the end result would just be some local government officials getting blamed and sacked from this incident, and a greater push by the central government to further control and regulate data collection on big data companies, while Xi's faction can blame this on the corruption of the opposing faction, increasing his influence in the party.
Seems to not have been a software issue but a human issue, that a person posted credentials on a slide or something.
The second human issue is not changing or rotating passwords or credential keys every 6 months or once a year.

I would say that 90% of leaks happen because of humans, that is why we have something called social engineering.
Social engineering is the art of getting credential information from other humans like help desk workers etc.
Acting as if you're from IT and telling them that they need to check their login credentials, sending them to a password phishing site to get their credentials, etc.
 