Over 200 Million Records of Chinese People Appear for Sale on the Darkweb

  • A set of three data packs totaling more than 200 million records appeared on the dark web.
  • The listings have been added by the same actor on two different popular dark web forums.
  • The data on the packs appears to be valid and fresh, so the breaches must be fairly recent.

Cyble’s dark web monitoring tools have caught three new interesting listings on a popular cybercrime forum, all concerning Chinese citizens. The first one is a data pack containing the sensitive details of roughly 7.3 million people from the Hubei province in China. The actor has offered a sample of 999 citizens to serve as proof for the validity of the data.

The second one is a listing of 41.8 million records that appear to come from the Weibo platform, a Chinese microblogging website. And thirdly, there’s a whopping 192 million records deriving from a compromise on the QQ instant messaging platform, a project belonging to the Chinese tech giant Tencent.

In the first case, and based on the analysis of the sample data, the researchers found the following details in the pack:

  • User ID
  • Sex
  • Full Name
  • Date of Birth
  • Mobile Number
  • Home Address
  • Code number

In the Weibo pack, there’s the Weibo user ID and the respective mobile phone number. And as for the QQ, the user number (qq number) and the phone number are included in CSV format again. Whether or not the seller was involved in the hacks that resulted in stealing this data is unknown, but in all three cases, it’s the same user who has uploaded the data.

The obvious risk that arises from the above is SMS spamming or phishing, so if you’re using any of the three platforms mentioned above, beware. The fact that names and mobile phone numbers have leaked also makes it possible for SIM swapping actors to act in a more targeted manner, which is another reminder of why you should use dedicated phone numbers for 2FA security. And finally, the home address leak in the first case makes the arrival of phishing mail via post possible.

Back in March, we saw a massive 538 million Weibo user records appearing on the dark web, which contained a lot more than what has leaked now. It is possible that the new listing is just a reducted repack of the previous leak, but it is unlikely. If this is indeed a new leak, it is yet another security lapse in less than a year for the popular Chinese social media platform.

REVIEW OVERVIEW

Latest

Is It Okay to Charge iPhone 13, Mini, Pro, or Pro Max Overnight?

Without any doubt, there are plenty of misconceptions about charging iOS devices. That’s even more true now since this year’s iPhones have the...

Is It Okay to Play Games While Charging iPhone 13? 

The iOS App Store offers more than one million games. Your options are practically limitless, with console-like games taking full advantage of iPhone 13’s...

Is It Bad to Use iPhone 13 While Charging? 

The latest iPhone generation comes with the longest battery life yet, managing to provide up to 2.5 extra hours of use. With that said,...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari