Hot on the heels of the largest database in Chinese history with 1 billion records leaked, a new Chinese database of visiting foreign nationals is being sold on the black market. This database is unique from the previous one circulating online and includes entry details, names, passport numbers, and more from visiting foreign nationals. The leaked sample includes former President Barack Obama’s China entry details, including his passport number.
A new hacker who goes by the name of ChinaSeller123 has emerged with another large Chinese database that is being sold on a hacking forum.
On July 4th of this week the seller posted a database of foreign nationals visiting China with over 44 million entries. The database includes 44,287,877 lines, with each line representing a foreign national who entered China through Shanghai. Each line contains the following fields:
- Full name
- Date of birth
- Passport number
- First entry timestamp
The seller is offering the database for $20,000 and has included a data sample, as you can see below.
Looking at the data sample, we see it includes a noteworthy individual.
Former US President Barack Obama’s entry information and passport number leaked
The data sample leaked by “ChinaSeller123” includes former US President Barack Obama and data from his entry into Shanghai, including his passport number.
Additionally, we see an entry timestamp of November 15, 2009, which corroborates with news reports from that time.
The seller listed additional samples of other foreign nationals entering China with “Obama” in their name. These entries included foreign nationals from Cameroon, Japan, Equatorial Guinea, and other countries.
We analyzed all records in the data sample that were provided in the hacker forum. Based on our analysis, we were able to corroborate records from some people in the data sample with real-world persons.
These and other entries are still available for viewing on Breached Forums.
A different leak, but the same original source (Shanghai police database SHGA)
Earlier this week, news broke about a similar database being offered by “ChinaDan” who listed 1 billion records of Chinese nationals for sale on Breached Forums. News of this initial breach has circulated around the world and appears to be the largest data leak in China ever.
According to some reports, source of ChinaDan’s original data breach, and also the current data breach from ChinaSeller123, is leaked credentials that gave hackers access to the Shanghai Police database (SHGA).
When asked on the forum if this database was from the same database leaked recently by “ChinaDan” that included 1 billion records on Chinese nationals, the seller said the following:
This comes from the same source (now down) however ChinaDan does not appear to have it– ChinaSeller123
In our analysis of the data sample, and also looking at the original leak sample from ChinaDan, this does indeed appear to be a new dataset that has not previously been released.
The seller is also listing another item for sale on the hacking forum, part of the Citizens and Police database from earlier this week.
While some may question the validity of the hacker’s claims, the founder and administrator of the hacking forum, who goes by the name of Pompompurin, replied to the thread verifying the seller’s data.
Vouch, I’ve seen proof of this– Breach Forums Owner “Pompompurin”
Ramifications of this leak
This specific leak will expose the names, passport numbers, and entry information of foreign nationals who entered China.
The previous large-scale database affected China nationals. This database, however, affects foreign nationals.
It will be interesting to see what other details will emerge from the Shanghai police database. What other information does the database contain on foreign nationals, such as former president Barack Obama and others?
Time will tell. The database, and others derived from it, are now “out there” and we are just beginning to understand the implications.