Customers of China’s largest banking institutions could be exposed to serious danger. According to cybersecurity specialists, an individual recently posted more than a million personal records on a hacking forum. Apparently, these records belong to customers of large Chinese banks and include details such as:
- Full names
- Monthly incomes
- Personal identification cards
- Addresses
- Phone numbers
Shortly after the appearance of this report, two institutions (Indusrial Bank and Ping An Insurance) issued communications denying that the information was linked to their customers. Subsequently, Agricultural Bank mentioned that its teams were investigating this incident, although they pointed to a possible falsification of information.
Despite the insistence of the banks, an anonymous source claims that this information is real, adding that it has even been bought by multiple threat actors very satisfied with the results. The informant concluded by ensuring that RaidForums administrators, the forum where the information was posted have nothing to do with the incident, as they ignore how this ad was put online.
However, RaidForums’ Facebook page contradicts this version, as a post on this site is credited with authoring the incident. Forum administrators describe it as an ideal link for platform users like 4Chan and Twitch.
In addition to providing information from the affected banks, the user claims to have “China Air data” (experts believe the individual refers to airlines operating in China), teacher databases in public schools, data from more than 200 directors of large firms, among others.
According to the specialists, this is not the first time that confidential information is presented in this forum. Previously, British authorities reported that data from some of their agencies had been published in RaidForums. Authorities in countries such as Vietnam have filed similar claims.
Data breach incidents have become a cause for alarm for China’s government. Just a few months ago it was reported that information from more than 400 million people had been leaked by a group of threat actors. Local companies, such as the Huazhu hotel chain, have also been victims of such incidents, which have compromised the information of hundreds of millions of users in the Asian giant.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.