BBS:      TELESC.NET.BR
Subject:  Massive Chinese data breach allegedly spills 8.7 billion records
From:     Mike Powell
Date:     Fri, 6 Feb 2026 08:08:11 -0500
-----------------------------------------------------------
Massive Chinese data breach allegedly spills 8.7 billion records - here's what
we know

By Sead Fadilpašić

Someone kept a gigantic database unlocked on the internet

- Exposed Elasticsearch cluster leaked 8.7 billion records of Chinese
  individuals and businesses
- Data included PII, plaintext passwords, and corporate registration details
- Cluster likely run by data brokers; hosted on bulletproof provider, now locked
  down after discovery

One of the largest data leaks ever to happen in China has been detected after
security researchers from Cybernews reported coming across an exposed
Elasticsearch cluster that contained more than 160 indices.

These indices held approximately 8.7 billion records, primarily of Chinese
individuals.

The records contained all sorts of personally identifiable and sensitive data,
including names, addresses, phone numbers, birth dates, gender information,
social media identifiers, and plaintext passwords. They also contained various
corporate and business records such as company registration details, legal
representatives, business contact information, registration addresses, and
licensing metadata.

Long-running aggregation effort

The researchers could not determine who owns the database, so there is no
confirmation whether this was a malicious act. Cybernews says the
cluster resembles what data brokers usually do, since it was highly organized
and thoroughly segmented.

Since it was open for three weeks, it is possible that it was picked up by
threat actors in the meantime.

"Despite the short exposure window, the scale of the dataset means that
automated scraping during this period could have resulted in widespread
secondary dissemination," the researchers said.

The data belongs mostly to people in mainland China, but victims are scattered
across multiple Chinese provinces.

The database may have been open for mere weeks, but it probably took a lot
longer to harvest all of it. Apparently, this wasn't done in a single swoop,
and the data was likely scraped from different sources.

"The presence of timestamps and import dates points to a long-running
aggregation effort rather than a single historical breach," the team
explained.

Investigators managed to find the provider that hosted the cluster. It is a
bulletproof hosting company, "commonly associated with high-risk or
non-compliant data operations." After being notified, the provider locked the
database down, it seems.


https://www.techradar.com/pro/security/massive-chinese-data-breach-allegedly-spills-8-7-billion-records-heres-what-we-know

--- SBBSecho 3.28-Linux
 * Origin: Capitol City Online (1:2320/105)
