Chinese authorities are censoring any posts on domestic social media platforms regarding an alleged data leak containing 1 billion citizens’ data, Financial Times reports.
In a post on Breach Forums, user “ChinaDan” claimed they possessed one billion Chinese nationals’ data, including names, addresses, ID numbers, mobile numbers, and any criminal records or case details, BleepingComputer reported.
The hacker named the Shanghai National Police database the leak’s source.
To confirm the claims, The Wall Street Journal’s Karen Hao called five individuals listed, who verified their names and associated case details.
Following news of the leak, hashtags like “Shanghai national security database breach” and “data leak” started to trend on Chinese social media platforms Weibo and WeChat.
However, by Monday, 4 July, the respective platforms had blocked any mention of the leak.
Chinese authorities reportedly invited some Weibo users to discuss their posts and removed a popular cyber security blogger’s post exploring the leak’s implications.
Binance CEO Zhao Chanpeng said its threat intelligence spotted these records for sale on the dark web and added the leak was likely due to a bug in an Elasticsearch deployment by a government agency.
“Apparently, this exploit happened because the gov developer wrote a tech blog on [the Chinese Software Developer Network] and accidentally included the credentials,” Zhao said.