A data leak including personal details such as bank card numbers and home addresses of over 630 million users from China has been claimed on a cybercrime forum.
Unknown threat actors posted a massive data set on the Russia-linked forum, allegedly offering users the opportunity to buy sensitive details of 8% of the world’s population.
Data samples accompanying the forum ad suggest the data set includes sensitive data such as exposed users’ names and surnames, national ID numbers, home addresses, mobile phones, gender, and bank card numbers.
Attackers behind the ad claim that 30% of the entries have bank card details. According to the Cybernews research team, the sample indicates that most exposed users had UnionPay bank cards. UnionPay is a Chinese state-owned financial services corporation offering an alternative to Visa or Mastercard.
Threat actors claim the data was stolen in April 2023, yet do not reveal where they took it from. However, samples provided by threat actors suggest that the data was taken from a server hosted in France.
If confirmed, the leak would hardly be the first time a humongous amount of data on Chinese citizens leaked. Last year, attackers said they obtained 23 terabytes of data on one billion Chinese nationals and several billion case records from the Shanghai National Police (SHGA).
While the never-ending stream of data breaches can cause fatigue, the dangers of losing one’s own persist. For example, cybercriminals can use personal information to commit fraud: from identity theft and phishing attacks to opening new credit accounts, making unauthorized purchases, or obtaining loans under false pretenses.
Experts warn that even seemingly insignificant pieces of leaked personal information can be collated to have a devastating impact. Victims whose data has been leaked often don’t realize they have been compromised and therefore take no action to mitigate the outcome.
Your email address will not be published. Required fields are markedmarked