Source | First Consumer Finance
On April 12, 2020, U.S. time, the foreign hacker forum RAID FORUMS had user nicknames s868858 and togoodforthisshit selling citizen data suspected of coming from several Chinese banks and other institutions:
1. Information published by nickname s868858
According to the information released by s868858 shown in the figure below, the person claimed that the information sold was from the Agricultural Bank of China (601288.SH, 01288.HK). The amount of information exceeded 900,000 lines. RMB 28,207 yuan), the price of the second sale was 2,500 US dollars (about 17,634 yuan).
User information includes 10 elements such as name, gender, education, ethnicity, province, mobile phone number, ID number, bank card number, sub-branch and contact address.
s868858 claims that the data deadline is April 1, 2020, and the platform for trading is MEGA. Since No. 1 Consumer Finance has no access to MEGA, it is not possible to view the details of this information further.
2. Information published by nickname togoodforthisshit
Togoodforthisshit has published more information, as follows:
1. Bank 803155 Shanghai Bank (601229.SH) user data
The information includes mobile phone number, name, ID number and contact address.
2. List of 12 million Chinese enterprises
This information includes the business registration name of the unit, telephone, fax, mobile phone, contact person, address, zip code, economic type, mail, registered capital, mode of operation, major industries, major products, number of employees, annual sales and website. First Consumer Finance believes that the above information does not seem to be currently the target of the Ministry of Public Security, such as enterprise check, Tianyan check, and the above information can be found on the platforms.
3. Personal information of 200,000 Chinese CEOs
The information includes name, gender, mobile phone, province, city address, company name and entry date.
4. Personal data of 180,000 Chinese airline passengers
The data includes name, gender, birthday, age, mobile phone number, ID photo, email and contact address.
5. Personal data of 148,000 recipients of Guangdong Dada Express
The data includes the recipient's name, mobile phone, recipient's address and date.
6. 460,000 Industrial Bank (601166.SH) credit card user personal data
The data includes name, gender, mobile phone, date of birth, identity photo, unsecured, monthly income, monthly debt repayment, marital status, education level, contact address and email (some are not provided).
7, 3959 line spot, gold, original, foreign exchange disk benefits, delete user information from the Hong Kong International Futures Trading Platform.
The data includes name, bank account, region, bank card number, ID card number and mobile phone number.
8. 100,000 Ping An Insurance (601318.SH) insurance data
The data includes product name, amount, guarantee period, name, ID card, gender, mobile phone number, email, province, city, monthly income, marital status, insurance policy, insurance liability, insurance purpose and payment period.
9. Data of 139,000 credit users
The data includes customer name, customer phone, ID card, marital status, spouse name, spouse phone, city, period, payment amount and contract amount.
10. Personal data of 330,000 Chinese microfinance users
The data includes the name, gender, age, phone number and sum of the amount.
11. 40 million users' QQ numbers and mailbox data from all walks of life
The data is only the QQ number and mailbox.
12. 202,000 Shanghai Financial Management-VIP User Data
The data includes bank ID, account opening bank, name, gender, age, birthday, mobile phone, account, ID card and address. Such as: ICBC_7850XXX200 Industrial and Commercial Bank of China Hu X Male 40 28.10.1978 138XXXX3726 Room XXX402, Haishen Garden, Zhanghong Road, 3309XXXXXXXX021, Putuo District, Zhoushan City, Zhejiang Province.
13. Personal data of 473,000 Chinese elementary and middle school network teachers by region
The data includes address, job title, email, ID, phone, name, title and level. Such as: Vice Principal [email protected] 51100219XXXXXX181X 1388XXXX356 Tang X Middle School Senior.
14. More than 100,000 securities company data
The data includes the mobile phone number, the provincial city and work information.
15. 3M China Mother and Child Forum
The data includes user ID, mobile phone number, region and age of the baby. Such as: Thunderstorm night! Insomnia 139XXXX5375 Tianjin baby 1 year old.
16, 12M Chinese VPN database
The data is email plain text, such as: INSERT INTO radpostauthvalue ('296XXX480', '[email protected]', 'gengenheimei666', 'Access-Accept', '2019-06-21 04: 25: 31').
17. 100,000 user data of Shanghai Pudong Development Bank (600,000.SH)
The data includes name, gender, mobile phone number, ID number and address. Such as Zhou X male 136XXXX3442 413026XXXXXXXX5179 new dynamic zone 20 yuan SMS package. First Consumer Finance believes this data is suspected of Shanghai operator data.
18. China's 20GB penetration data-10 million packages (spinach penetration data 1000W packaging).
Sample: https://imgur.com/a/knjHSXO
- 63,000 Shanghai Merchants Bank gold card list data.
The data includes the account opening bank, contact person, ownership, proof of ownership, name, ID card number, full address and contact phone number. For example: China Merchants Bank, Ye X, personal resident ID card, 310107XXXXXXXX462X, Room XXXX1602, Weihai Road, Huangpu District, Shanghai, 200002 and 637XXX93.
In response to the above information, First Consumer Finance only reposted the sales information posts posted by users of the hacker forum. The personal information on its sales cannot be further verified due to transactions on the dark web, but according to some sample information, the data is true.
The first consumer finance advised the Ministry of Public Security to intervene in the investigation of the sources of institutions whose personal information was leaked, such as the Bank of Shanghai, ICBC, and Pudong Development Bank.
