Major data leak exposes over 4 billion user records
The Cybernews research team, in collaboration with cybersecurity researcher Bob Dyachenko, has uncovered a major data leak in China. A huge 631-gigabyte database was left without a password, exposing a mind-boggling 4 billion records.
The database consisted of numerous collections, containing from half a million to over 800 million records from various sources. The Cybernews research team believes the dataset was meticulously gathered and maintained for building comprehensive behavioral, economic, and social profiles of nearly any Chinese citizen.
Key research takeaways:
The database was quickly taken down, preventing researchers from identifying its owners. Before removal, the team accessed 16 separate data collections:
- 805 million records in a dataset labeled “wechatid_db” — likely user identifiers from WeChat, China’s largest messaging and payments app.
- 780 million records in “address_db” — containing residential information with geographic data, potentially revealing where users live.
- 630 million records in “bank” — containing financial data, such as names, phone numbers, payment card numbers, and birth dates.
- 610 million records in a dataset translated as “three-factor checks” — likely tied to real-name identification, combining user IDs, phone numbers, and usernames.
- 577 million records in “wechatinfo” — believed to contain WeChat metadata, communication logs, or conversations.
- 300 million records in “zfbkt_db” — related to Alipay, containing card and token information; plus 20 million more records in a separate dataset with additional Alipay-linked financial data.
- 353 million records were spread across nine more collections, covering topics such as gambling history, vehicle registration, employment, pension funds, and insurance data.
- One dataset, tw_db, appears to focus on Taiwan-specific information, raising concerns of potential geopolitical surveillance.
Leak significance
The implications of this breach are far-reaching. Skilled attackers could identify where individuals live, their financial habits, debts, and even savings. With such comprehensive personal data, threat actors could launch highly targeted phishing attacks, commit identity or insurance fraud, or even engage in coercion or blackmail.
This lack of attribution means that affected individuals have no way of knowing their data was compromised, nor any channel to seek remediation.
To read the full research report, please click here.
This entry was posted on June 5, 2025 at 9:52 am and is filed under Commentary with tags Cybernews.