Actor’s Mysterious Data Breach Exposes Over 1.2 Billion Records of Chinese Users

Published:

spot_img

Massive Data Leak Exposes Over 1.2 Billion Records of Chinese Citizens

An unknown actor has been discovered building a massive compilation of breaches targeting Chinese individuals, with over 1.2 billion records already leaked online. The Cybernews research team uncovered this colossal dataset on May 6th, focused solely on citizens of China. The actor behind it likely misconfigured the Elasticsearch instance, leading to the data leak.

The COMB, or Compilation of Many Breaches, started growing recently and now contains personal data records of Chinese citizens, making up about 87% of the country’s population. Each record includes at least a phone number, with some also containing sensitive information like addresses and ID card numbers.

The dataset includes records from popular Chinese platforms like QQ and Weibo, as well as logistic services and insurance companies. The intent behind this massive data collection remains unclear, but the Cybernews research team warns of potential malicious activities like spear-phishing attacks and scams targeting Chinese citizens.

While the data does not include passwords, threat actors could still use it for social engineering attacks or identity theft. The researchers have informed the German cloud provider hosting the data about the illegal storage and open access to this sensitive information.

This discovery marks the second-largest leak this year, following the Mother of All Breaches collection. The Cybernews team advises individuals to be cautious as their personal information may be used for fraudulent activities in the future.

spot_img

Related articles

Recent articles

Russ Vought Takes Charge of Intelligence Budget Oversight Amid Administration’s Downsizing Efforts

Russ Vought Takes Charge of Intelligence Budget Oversight Amid Administration's Downsizing Efforts In a significant shift within the U.S. intelligence community, Russell Vought, the director...

Kidneys and Hearts Listed on Dark Web: Organ Racket or Elaborate Scam?

Kidneys and Hearts Listed on Dark Web: Organ Racket or Elaborate Scam? A recent investigation has unveiled alarming claims surrounding the illegal organ trade on...

Cequence Advances API Security with AI-Native Platform 9.0, Enhancing Compliance and Performance

Cequence Advances API Security with AI-Native Platform 9.0, Enhancing Compliance and Performance Cequence Security has launched its latest offering, Cequence Platform 9.0, marking a significant...

JustAI Secures $17 Million to Propel Agentic AI Revolution in Marketing Execution

JustAI Secures $17 Million to Propel Agentic AI Revolution in Marketing Execution In a significant development for the marketing technology landscape, San Francisco-based startup JustAI...