Posted on March 23, 2020 at 11:49 AM
The last several years have seen numerous major data dumps, and another was just recently discovered on a dark web hacking forum. This time, a hacker posted details of over 538 million users of the Chinese social network, Weibo.
The data is currently available for sale, and the hacker has also taken to posting ads all over the shadier part of the internet, offering it to the highest bidder.
The ads claim that the Weibo breach during which the data was stolen actually happened a while ago, in mid-2019.
The hacker managed to obtain a major chunk of the company’s user database, which includes details of 538 million accounts, and even 172 million users’ phone numbers. The rest of the stolen data includes details like the usernames, real names, locations, genders, and alike.
Fortunately, it appears that the passwords do not come as part of the package. This is also the reason why the information belonging to nearly 540 million people is only being sold for $250 (¥1,799).
Weibo itself released a statement regarding the reports of the data dump and last year’s hack of the platform, but its statement has not clarified the situation. In fact, if anything, it made it more confusing.
The company sent a statement to multiple Chinese news media websites, claiming that the phone numbers that the hacker claims to have collected were actually obtained in late 2018.
Back then, according to the company, its engineers noticed that numerous user accounts are uploading rather large batches of contacts. Their goal was to match accounts on the network with the accounts within their phones.
However, there were numerous security experts who claimed that there are multiple technical irregularities with this version of events. For example, the ad that the hacker had posted has indicators that suggest that the offered data comes from an SQL database dump. This does not match with the firm’s claims that the phone numbers were stolen back when the users started matching contacts against the API.
That is not all, either, as the firm’s statement still doesn’t explain how the attacker stole data like location or gender. This data is not public, meaning that other Weibo users cannot obtain it unless if they steal it from the company itself.
The controversial report has led to a lot of speculation on China’s social media, and its members are now speculating where the data came from, when was it stolen, how the attacker did it, and why nobody knew about it.
The data itself was confirmed to be accurate, as the hacker, who calls himself @weibo in some of his ads, provided several samples. The samples were then confirmed to be legitimate by some Weibo users. As for the company, it said that it notified the authorities of the incident and that the case is currently being investigated by the police.
Chinese authorities are swift when dealing with hackers
With the case currently still being under investigation, not a lot of information has been revealed as of yet. However, as many likely know the Chinese government has a near-totalitarian control over its internet. As such, the country’s authorities have historically been able to track most hacks within the country without too much trouble.
One example of this came in the summer of 2018 when another hacker attacked the Huazulu Hotel Group. The attack resulted in a theft of details belonging to millions of hotel guests that stayed in the Group-owned properties.
However, the hacker did not evade the authorities for long, and Chinese police found him and arrested him only a few weeks after the data was offered for sale on the internet.
The data was still sold, however, but the hacker was found rather quickly, and there is a fair chance that the new incident might see a similar conclusion in weeks to come.