ADVERTISEMENT

Unsecured Chinese companies leak users’ sensitive personal and business data

China flag
Cybernews Team
Jun 30, 2020 Updated: 6 December 2023 3 min read

What was in the database?

The Xiaoxintong database

  • Mobile numbers, addresses and GPS locations
  • Mobile numbers and names of users’ relatives and other “Guardians”
  • Location tracks (including addresses and GPS coordinates)
  • Hashed passwords
  • SOS records and SOS record locations
  • Personal IDs

The second database (possibly from Shanghai Yanhua Smartech)

part of code with some parts underlined
google serach for yhzn cropped
  1. Persons
    1. Names, ID numbers (work-related), alarm (possible entry/exits), and warnings
    2. Audio files, and some have associated names
    3. Pedometers and device battery strength
    4. Users’ heart rate, oxygen level, and probably blood pressure (DBP – diastolic blood pressure – and SDBP – systolic blood pressure)
    5. Project and person names
    6. Packet GPS locations
    7. People’s various GPS locations, including for personal “tracks”
  2. Vehicles
    1. Vehicle work IDs and license plate numbers, alarms, community weights, garbage weights, collect counts for communities (termed “villages”), etc., totaling thousands of entries
    2. Vehicle GPS locations and tracks
  3. Facilities
    1. Names of facilities, types of alarms, alarm status, GPS locations
ADVERTISEMENT

Examples of data in the second database

censored person-audio example
censored person tracks example
censored oil amt montly report example

Who had access?

What’s the impact?

Disclosure

Protect your data online with our hand-picked digital privacy tools

ADVERTISEMENT