Sun, 20 Sep 2020

Data of millions of Chinese users exposed by unsecured server online

By Sheetal Sukhija, Raleigh News.Net
15 Jan 2019, 09:30 GMT+10

BEIJING, China - A database containing the personal data of over 202 million Chinese citizens was exposed online in what has emerged as a major breach of server security.

According to the cybersecurity firm HackenProof, which spotted the exposed server first, the database contained 854-GB of data, including resumes of more than 202 million Chinese jobseekers.

Bob Diachenko, Director of Cyber Risk Research at HackenProof has revealed that he stumbled upon an unsecured MongoDB database server, which contained highly detailed CVs of millions of Chinese users.

In a blog detailing his finding, the security researcher claims that the data appears to have originated from a data scraping app that collected resumes from Chinese job portals.

The exposed server was available to anyone who sought to access it online for more than a week and contained 202,730,434 records in total.

According to Diachenko, the resumes contained sensitive and detailed information related to the Chinese users, including full names, home addresses, phone numbers, emails, marital status, number of children, political affiliations, body measurements (height and weight), literacy level, salary expectations, education, past jobs among other personal data.

Diachenko pointed out that the server lacked even the most basic security protections.

He wrote in his blog that his initial analysis indicated that the primary source of data on the server appeared to have been scraped from the large, classified advert site

In response to his blog, issued a statement to Hackenproof, in which the popular Chinese job portal denied it had allowed any data breach.

The site said in its statement, "We have searched all over the database of us and investigated all the other storage, turned out that the sample data is not leaked from us. It seems that the data is leaked from a third party who scrape data from many CV websites."

Diachenko claims that he then took to Twitter in a bid to identify the mysterious owner/administrator of the exposed database. 

In his public plea on Twitter, Diachenko sought help from his followers in identifying the administrator of the server and received some help too. 

One of his followers reportedly directed him to a GitHub repository, that contained the source code of a web app.

While the repository has now been deleted, the app in question was believed to have been created to scrape CVs from legitimate job-finding portals.

The source code of the web app reportedly contained identical data structures to the ones found in the exposed database.

Diachenko pointed out that the information available online was a threat intelligence gold mine that was left open for anyone in the world to find. 

The researcher pointed out that his plea on Twitter led to the owner of the server taking down the GitHub repository and even securing the server containing the trove of information.

The data breach became the latest in a series of such exposes impacting Chinese citizens.

In 2018, a report by the Internet Society of China revealed that about 19 percent of Chinese net users had their social media and other accounts hacked or lost passwords through the year.

More Raleigh News

Access More

Sign up for Raleigh News

a daily newsletter full of things to discuss over drinks.and the great thing is that it's on the house!