July 11, 2022

According to the South China Morning Post, the Chinese president has called on public institutions in China to “defend information security… to protect personal information, privacy, and confidential corporate information,” which will help people feel safe when they provide their data to public services.

The president’s statement follows a hacker’s decision to sell stolen data of one billion Chinese citizens. According to the hacker, the data was stolen from Shanghai National Police and includes information such as names, addresses, national identification numbers and mobile phone numbers.

The 23 terabytes of data is believed to be the largest ever sale of data on record and was offered for US$200,000 until the post was removed on Friday. According to cybersecurity experts, at least a small part of the data offered is genuine.

According to Toby Lewis, global head of threat analysis at Darktrace, there is a possibility that the leaked information may have been a major concern for Chinese authorities, who reportedly blocked discussions about sales on Chinese social networks shortly after it was announced.

“It remains unclear exactly why the data has been withdrawn. The original offer of sale suggests that the hacker was looking to sell the data to several buyers without exclusivity, rather than just one. So one theory is that for a high enough price exclusivity could have been bought, and that kind of purchase could possibly have been made by the Chinese state itself,” Lewis said.

The sources for this piece include an article in BBC.