Mass China Data Leak: Cabinet Urges Greater Cybersecurity

tech.hindustantimes.com:

China’s cabinet stressed the need to bolster information security, following a huge leak of personal data that could be the largest cyber-attack in the country’s history. 

A State Council meeting led by Premier Li Keqiang emphasized the need “to improve security management provisions, raise protection abilities, protect personal information, privacy and commercial confidentiality in accordance with the law,” according to the official Xinhua News Agency. The report didn’t directly reference the hack, and other state media agencies have so far been silent about the incident. 

Earlier this week, unknown hackers claimed to have stolen data on as many as a billion Chinese residents after breaching a Shanghai police database. The purported theft of more than 23 terabytes of information has exposed potential data and security lapses and set the technology industry abuzz.

“China is long overdue for experiencing a breach of this scale,” said Daron Hartvigsen, managing partner at global advisory firm StoneTurn. “Historically, China is often disregarded as a viable target for criminal cyber-exploitation. Threat actors typically focus on targets likely to cave to ransom and extortion demands. It is not clear if this business model will result in similar financial returns in China.” 

Questions remain about how the unknown hackers apparently gained access to the trove run by the Ministry of Public Security’s Shanghai branch, which according to online posts included data detailing user activity from most popular Chinese apps, addresses, and phone numbers. A seller had asked for 10 Bitcoin, worth around $200,000, in exchange for the data.

President Xi Jinping has long identified data as key for governing and driving Asia’s largest economy.