Shanghai police database leak

Last updated

The Shanghai police database leak refers to the unauthorized disclosure of sensitive personal information and police case data from the Shanghai National Police Database, also known as the SHGA Database, in early July 2022. The leaked data, totaling over 23 terabytes, includes details of more than one billion Chinese residents, encompassing names, addresses, birthplaces, resident ID card numbers, phone numbers, photos, mobile phone numbers, and information on criminal cases. The data was made available for sale on the internet by an unidentified hacker, who demanded a price of 10 bitcoins. [1] [2]

The origin of the leaked information is believed to be the Shanghai Public Security Bureau, although this has not been officially confirmed. Screenshots shared online revealed a vast amount of intricate police information, such as the time of reporting criminals, the contact numbers of reporting individuals, and the reasons for reporting. Notably, initial analysis indicated that the personal data originated from residents all across mainland China, rather than being limited to Shanghai alone. [3] [4]

If the reported volume of data is accurate, the Shanghai police database leak would be regarded as the largest and most significant incident of its kind since 1949. [5] The news of the leak faced censorship on the social platform Weibo in mainland China, potentially to impede its spread. The authorities have not yet acknowledged or publicly addressed the incident. Despite inquiries sent by Bloomberg to the Central Cyberspace Administration of China and the Shanghai Police Bureau, no responses have been received thus far. Bloomberg criticized the lack of transparency and disclosure surrounding data breaches in the People's Republic of China, citing previous incidents such as the leakage of personal information of Communist Party members in 2016, the Weibo account information leak in 2020, and the information leakage from Xinjiang re-education camps in 2022. [3] Cybersecurity researcher Vinny Troia claimed he discovered the leak over a year before the server was eventually shut down. [6]

See also

Sources

  1. Ni, Vincent (2022-07-04). "Hacker claims to have obtained data on 1 billion Chinese citizens". The Guardian. ISSN   0261-3077 . Retrieved 2023-05-14.
  2. "Hackers offer data on 1 billion Chinese after alleged leak". www.aljazeera.com. Retrieved 2023-05-14.
  3. 1 2 "Hackers Claim Theft of Police Info in China's Largest Data Leak". Bloomberg . 2022-07-04. Retrieved 2022-07-04.
  4. "網傳上海公安系統遭駭 10億公民個資售20萬美元 | 兩岸 | 中央社 CNA". Central News Agency (in Chinese). 4 July 2022. Retrieved 2022-07-04.
  5. "上海公安數據庫傳遭駭 10億陸民訊息20萬美元網上兜售". United Daily News (in Chinese). 2022-07-04. Retrieved 2022-07-04.
  6. Hao, Karen (6 July 2022). "China Police Database Was Left Open Online for Over a Year, Enabling Leak". Wall Street Journal. Wall Street Journal. Retrieved 23 November 2022.

Related Research Articles

<span class="mw-page-title-main">Timeline of Internet conflicts</span>

The Internet has a long history of turbulent relations, major maliciously designed disruptions, and other conflicts. This is a list of known and documented Internet, Usenet, virtual community and World Wide Web related conflicts, and of conflicts that touch on both offline and online worlds with possibly wider reaching implications.

Xie Hui is a former professional Chinese football player who is currently the head coach for Dalian Professional.

A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen, altered or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, information leakage and data spill. Incidents range from concerted attacks by individuals who hack for personal gain or malice, organized crime, political activists or national governments, to poorly configured system security or careless disposal of used computer equipment or data storage media. Leaked information can range from matters compromising national security, to information on actions which a government or official considers embarrassing and wants to conceal. A deliberate data breach by a person privy to the information, typically for political purposes, is more often described as a "leak".

Online uncovering, also called doxing, is the practice of revealing private information about an individual or organization gathered from online sources. Methods include searching public databases, social media and email accounts, and hacking. When done by private individuals it is a form vigilantism. It can also be used by law enforcement departments. For example, it helped the Hong Kong Police Force to investigate the background information of suspects. Driven by the prevalence of the internet and online forums such as the Golden Forum, online uncovering has become a social phenomenon in Hong Kong. It is used to shame, harass, and tarnish of reputation of the victims.

The Office of Personnel Management data breach was a 2015 data breach targeting Standard Form 86 (SF-86) U.S. government security clearance records retained by the United States Office of Personnel Management (OPM). One of the largest breaches of government data in U.S. history, the attack was carried out by an advanced persistent threat based in China, widely believed to be the Jiangsu State Security Department, a subsidiary of China's Ministry of State Security spy agency.

<span class="mw-page-title-main">Faye (Taiwanese singer)</span> Taiwanese singer, songwriter and actress

Zhan Wen-ting , known professionally as Faye, is a Taiwanese singer and businesswoman. She is the former lead vocalist of pop rock band F.I.R., who won Golden Melody Award for Best New Artist in 2005.

<span class="mw-page-title-main">Ugly Beauty World Tour</span> 2019–2024 concert tour by Jolin Tsai

Ugly Beauty World Tour is the fifth concert tour by Taiwanese singer Jolin Tsai. It started on December 30, 2019, in Taipei, Taiwan at Taipei Arena.

<i>Cyber Heist</i> 2023 Hong Kong film

Cyber Heist, previously known as Disconnected, is a 2023 Hong Kong action thriller film directed by Danny Wong and starring Aaron Kwok as a cyber security engineer who develops an AI programme application which can potentially disable all of Hong Kong's networks. The film co-stars Gordon Lam, Simon Yam and Megan Lai.

Vastaamo was a Finnish private psychotherapy service provider founded in 2008. On 21 October 2020, Vastaamo announced that its patient database had been hacked. Private information obtained by the perpetrators was used in an attempt to extort Vastaamo and, later, its clients. The extorters demanded 40 bitcoins, roughly 450,000 euros, and threatened to publish the records if the ransom was not paid. To add pressure to their demands, the extorters published hundreds of patient records a day on a Tor message board.

ShinyHunters is a criminal black-hat hacker group that is believed to have formed in 2020 and is said to have been involved in numerous data breaches. The stolen information is often sold on the dark web.

<span class="mw-page-title-main">Health Code</span> Type of applications used during COVID-19 in mainland China

Health Code is a type of application used during COVID-19 in mainland China. It was used as an e-passport that reports if the user has been in an area with current cases of infection. An applicant provides information such as travel history, residence, and medical records. The application will then generate a QR code that identifies the individual's risk level as red, yellow, or green. As of April 2020, over 200 cities and 20 provinces employed health code supported by Alipay. There are a wide range of health codes run by different localities.While many assumed these codes would be phased out post-pandemic, research indicates their continued use and integration beyond the health crisis.

<span class="mw-page-title-main">Godtone</span> Taiwanese Twitch streamer, YouTuber, and professional League of Legends player

Chia-hang Chang, better known as Godtone (統神), is a Taiwanese Twitch streamer, YouTuber, and professional League of Legends player. Debuting in 2013 by streaming League of Legends gameplay, Chang is known for his blunt and impassioned commentary. He is a frequent subject of internet memes, most notably "Godtone carrying hot pot".

<span class="mw-page-title-main">2022 Shanghai COVID-19 outbreak</span> COVID-19 viral outbreak in Shanghai in 2022

A COVID-19 outbreak in the city of Shanghai, China began on February 28, 2022, and ended on August 7, 2022. The outbreak was caused by the Omicron variant and became the most widespread in Shanghai since the pandemic began two years prior. Authorities responded with mass COVID-19 testing and a strict lockdown of the city in an effort to uphold China's zero-COVID policy; the latter marked the largest one in the country since the lockdown of Hubei in early 2020. The outbreak caused substantial economic and social disruption across Shanghai with consequences felt elsewhere, and led to the spread of COVID-19 to other parts of China, including Beijing, Guangdong, and Hunan.

On 10 June 2022, a group of men assaulted four women at a barbecue restaurant in Lubei District, Tangshan. Before dawn, a drunk man named Chen Jizhi attempted to sexually harass a woman. When the act was met with resistance, he became angry; Chen Jizhi and several of his companions violently assaulted the four women.

Model Media is a US-registered pornographic website producing films in Chinese. It recruits porn actors and actresses in mainland China and Taiwan. The content of its films is mainly inspired by the storylines of Japanese adult videos (JAVs) or well-known East Asian movies. Although actors and actresses are mostly Taiwanese, the film makers require them to speak in mainland Chinese accents and diction, and the covers, subtitles and advertisements are all in simplified Chinese.

<span class="mw-page-title-main">Vinny Troia</span> American ethical hacker and cybersecurity researcher

Vincenzo Troia is an American ethical hacker and cybersecurity researcher who is known for reporting and identifying The Dark Overlord and hacker pompompurin, who was the owner-operator of the website BreachForums and was also involved in the 2021 FBI email hacking. He is also known for disclosing the Shanghai police database leak in 2022.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.