I suggest we wait for further confirmation from the Chinese side but if this does come to be true, heads are gonna roll.
Miscellaneous News
- Thread starter bd popeye
- Start date
it is bekoz seeseepee corruption means low quality 300 word records for all freedomless
so 1 billion records is absolutely true, trust me
I have to say this is genius from the UK. They got punished by the EU for Brexit, so they've used the Russian-Ukrainian war to whip Europe into a warmongering frenzy, accusing anyone who doesn't support Zelensky unconditionally of being a Putin puppet.
Then when the gas is cut off, instead of rationing out what gas supplies are produced in Europe to keep essential services functioning in all countries as you would expect with NATO solidarity, they announce they will be keeping all gas they produce for themselves.
Well, some heads are gonna roll regardless. Even if it's not a billion, a lot of people's personal information were exposed. Hopefully China handles this situation better than in the West.
solarz
Brigadier
BTW, think about what it means to have access credentials visible in the source code. It means every developer who worked on that project would have the credentials that lets someone access the personal records of a billion people.
Developers don't need access credentials to production data, and they certainly don't need to put any such credentials in the source code.
Maybe something was indeed leaked, but the story and the scale is utterly fictional.
I'm thinking of one of the damage that might come out from this, other than many people being doxxed, is these personal information would be used to forge accounts with fake identities or to access into bank accounts. One solution I can think of that can be employed is to have like a two-factor authentication that would send a code to the user, when they're trying to make or access an account, and the use of facial recognition/capture at establishments that deals with sensitive info like banks and government kiosk to prevent identity forgery.
People found that blog today (check the archive record), probably someone google searched the hostname provided in the breached selling forum and happened to find this credential floating on the web. It is entirely possible the hackers used another method or credentials to access the data. Regardless even with the credentials someone had to have internal network access to dump the entire database.
The data allegedly contains the ID number/name and basic info on every person in China (1.4 billion) which is entirely possible for Shanghai police dept to have. The ID/name/addresses were also confirmed by cross-referencing other leaked chinese databases.
The data allegedly also contains the police records of all the cases in Shanghai from 1949-2021? The sample leaks shows some and this is really embarrassing stuff.
There are no photos in the leak, but the json files gave the internal links to the photos. The hackers know transferring all the photos is way too much, just the text data is 23 TB.
Like many others on the internet, I think it is real but the seller has a political motive. 10 BTC for a 23TB leak of that sensitive info is way too less, China will hunt this guy for life. It was also released on Jun 30th (right before July 1st CPC birthday), even though the data was dumped in 2021 (nothing from 2022 showed up in the sample data). Historically nasty things have a habit of showing up before CPC party congresses.
Last edited:
Either way, posting private source code from your company is an extremely dumb and dangerous action. It would give hackers insight into your code, and possibly find vulnerabilities they can exploit to gain access to the system.
Turns out. The Brits aren’t just raiding the climate fund to send to Ukraine. They are also threatening the Welsh and Scottish government to hand over a portion of their budget to Ukraine willingly or the Brits will take it themselves. So now the Welsh and Scottish are gutting their eduction and health care budget for the sake of Ukraine. Lol.
Last edited:
solarz
Brigadier
23 TB for a billion people allows for 20 kb per person. For individual case files that ranges from 1949 to 2021.
What's more, somehow this supposedly massive data is stored in clear text json format. Guess they never needed to do any queries on it?