China may recently have suffered the biggest cyber attack in its history. According to Bloomberg sources, up to 23 terabytes of personal information on residents of the country have been stolen. The cybercriminals reportedly gained access to the systems of the Shanghai police.

Everything indicates that the attack was carried out by the ChinaDan group. The information contained names, addresses, identity documents, telephone numbers, and information on criminal cases of about a billion people in Shanghai. According to the sources, the data appeared on a Dark Web forum, where it was offered for sale for 10 bitcoins, approximately 190,000 euros.

The data of billions of residents would have been compromised

This theft of information would allow many cybercriminals to act on the data obtained and carry out all kinds of fraud. Given the magnitude of the information stolen, practically an entire nation would be affected by this incident, with residents exposed to attacks that range from identity theft (phishing) to SIM swapping, as well as the exposure of other personal data.

At the moment, it has not been possible to confirm the veracity of the theft, since ChinaDan has not offered any sample of the extracted information, unlike other groups such as Lapsus$, which has given the occasional headache to a multitude of companies in recent months. The only proof of the theft is a small screenshot showing different files supposedly extracted from the Shanghai Police.

The authorities remain silent

None of the country’s authorities have yet confirmed the attack. Neither has China’s Cyberspace Administration, which is charged with “supervising” the country’s internet. This is not strange, because publicly acknowledging data breaches is not common practice in China, or at least that is what we have learned in recent years.

In 2020, for example, Weibo, the most important forum in China, claimed to have been the victim of a data leak affecting more than 538 million of its users, but the authorities decided to remain silent.

The alleged ChinaDan attack would correspond to what was confirmed by the CEO of Binance, Changpeng Zhao, who said on Monday that the division of his company in charge of preventing computer security threats had detected the sale of data of 1,000 million residents of “an Asian country” on the Dark Web. Although he did not give more details, everything indicates that it is related to the aforementioned attack.

Our threat intelligence detected 1 billion resident records for sell in the dark web, including name, address, national id, mobile, police and medical records from one asian country. Likely due to a bug in an Elastic Search deployment by a gov agency. This has impact on … — CZ 🔶 Binance (@cz_binance) July 3, 2022

Another possibility, and one also mentioned by Zhao, is that the exposure was “likely due to a bug in an Elastic Search deployment by a gov agency.” Elasticsearch is an open source search server developed in Java that is used by many web applications around the world.

With so little information about the attack available, we will have to wait for more details, since it is not yet known how the systems of the Shanghai authorities were compromised. If true, we would be talking about the biggest computer attack in the country’s history.