Customer data from major Chinese banks allegedly up for sale


A threat actor has posted files for sale on a cybercriminal forum, claiming that they include the personal and financial data of Chinese bank customers.

The 142MB-strong dataset allegedly belongs to the customers of multiple banks in China, including the Industrial and Commercial Bank of China (ICBC), Bank of China, Agricultural Bank of China, China CITIC Bank, Shanghai Pudong Development Bank, China Merchants Bank, and China Construction Bank.

The cybercriminal or criminals behind the dataset listing claim that it comprises 2,314,340 records. The leaked database is dated December 2023 and allegedly includes mobile numbers, full names, ID numbers, account numbers, bank details, and demographic information such as province, city, mobile carrier, sex, and dates of birth.

While the phone numbers shared by the threat actors in the data sample were valid, Cybernews was unable to independently verify the claims about leaked data. Cybernews has reached out to the banks involved, but a response has yet to be received.

If proven to be authentic, the current leak will not be the first to affect Chinese banks. In November last year, ICBC was hit with a ransomware attack that affected its subsidiary ICBC Financial Services. The LockBit ransomware gang was to blame for the attack.


More from Cybernews:

The story of Rabbit R1: from hype to reality

Suspected Russian cybercrime kingpin pleads guilty in the US

Twitter founder Jack Dorsey leaves BlueSky

Android malware is wiping out bank accounts in Finland

Police resurrect LockBit’s leak site to mock criminals and tease more info

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked