The hacker claims to have access to the Shanghai Covid application, threatening to sell the data of millions of users
Hacker claims to have hacked into Covid app in Shanghai and stole personal user data found there
According Reuters According to a report, a cybercriminal called XJP attacked the Breach Forums hacker forum to advertise a database containing confidential information of 48.5 million users.
The database was taken from “Suishenma”, the Chinese name for Shanghai’s health code system, used by all residents and visitors to the city since the beginning of 2020. The hacker first asked for $ 4,850 for the database, but later lowered the offer to $ 4,000.
“This database (database) includes everyone who has lived or visited Shanghai since Suishenma’s adoption,” the ad reads.
Authentic samples
According to the report, the hacker included a small sample, including the data of 47 people, as evidence of his claims. The sample included the names, Chinese identification numbers, telephone numbers, and health codes of these people. The publication found 11 people confirming the authenticity of their information, although two added that their identification numbers were incorrect.
Suishenma is a must for all residents (around 25 million people) and visitors to Shanghai from early 2020. It collects travel data and then color-codes users based on their chances of contracting the virus. Users then have to show the code every time they enter public places.
Users access Suishenma via the Alipay app, Reuters he added further, noting that city officials are managing the data going into the app. At the moment, no interested party was ready to comment.
Chinese authorities face a second major data leak in two months after a cybercriminal exposed the confidential data of a billion Chinese people. This database has also been put up for sale in misconduct forums.
- Here’s our rundown of free and premium firewall options (opens in a new tab) online protection software
By: Reuters (opens in a new tab)
