Over 200 Million Records of Chinese People Appear for Sale on the Darkweb

  • A set of three data packs totaling more than 200 million records appeared on the dark web.
  • The listings have been added by the same actor on two different popular dark web forums.
  • The data on the packs appears to be valid and fresh, so the breaches must be fairly recent.

Cyble’s dark web monitoring tools have caught three new interesting listings on a popular cybercrime forum, all concerning Chinese citizens. The first one is a data pack containing the sensitive details of roughly 7.3 million people from the Hubei province in China. The actor has offered a sample of 999 citizens to serve as proof for the validity of the data.

The second one is a listing of 41.8 million records that appear to come from the Weibo platform, a Chinese microblogging website. And thirdly, there’s a whopping 192 million records deriving from a compromise on the QQ instant messaging platform, a project belonging to the Chinese tech giant Tencent.

In the first case, and based on the analysis of the sample data, the researchers found the following details in the pack:

  • User ID
  • Sex
  • Full Name
  • Date of Birth
  • Mobile Number
  • Home Address
  • Code number

In the Weibo pack, there’s the Weibo user ID and the respective mobile phone number. And as for the QQ, the user number (qq number) and the phone number are included in CSV format again. Whether or not the seller was involved in the hacks that resulted in stealing this data is unknown, but in all three cases, it’s the same user who has uploaded the data.

The obvious risk that arises from the above is SMS spamming or phishing, so if you’re using any of the three platforms mentioned above, beware. The fact that names and mobile phone numbers have leaked also makes it possible for SIM swapping actors to act in a more targeted manner, which is another reminder of why you should use dedicated phone numbers for 2FA security. And finally, the home address leak in the first case makes the arrival of phishing mail via post possible.

Back in March, we saw a massive 538 million Weibo user records appearing on the dark web, which contained a lot more than what has leaked now. It is possible that the new listing is just a reducted repack of the previous leak, but it is unlikely. If this is indeed a new leak, it is yet another security lapse in less than a year for the popular Chinese social media platform.

How to Watch Shetland Season 7 Online From Anywhere
Shetland is back to answer all of the questions that left us hanging at the end of the last series, and you...
Real Madrid Vs Eintracht Frankfurt Live Stream: How to Watch UEFA Super Cup Final Online From Anywhere
The new soccer season is upon us, which means it is time for the UEFA Super Cup Final. Played between the previous...
How to Watch I Am Groot Online On Disney Plus
Marvel's I Am Groot is almost here, which means Marvel fans need to add one more show to their watchlist this summer. We...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari