Massive COMB data breach reveals info on over a billion people


Someone is combining information on Chinese citizens leaked in different data breaches into a single database, and has so far made more than 1.2 billion records.

This compilation of many breaches (COMB) contains plenty of sensitive user information, including phone numbers, postal addresses, ID card numbers, and more. Researchers claim they spotted an unprotected database on Elasticsearch, which was first set up in the final days of April 2024. By the end of next week, the database held 1,230,703,487 records, and continued to grow since.

Read more…
Source: MSN News


Sign up for our Newsletter


Related:

  • Foreign espionage agencies exploit crowdsourcing for covert intelligence gathering in China

    December 4, 2024

    China’s Ministry of State Security revealed on Wednesday that foreign intelligence agencies are using crowdsourcing to gather sensitive data in China, posing a covert but serious threat to national security. This covert method, dubbed “crowdsourced espionage,” poses an escalating threat. Foreign intelligence agencies break down intelligence-gathering missions into smaller, discrete tasks and distribute them via legitimate ...

  • Enhanced Visibility and Hardening Guidance for Communications Infrastructure

    December 3, 2024

    The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC), Canadian Cyber Security Centre (CCCS), and New Zealand’s National Cyber Security Centre (NCSC-NZ) warn that People’s Republic of China (PRC)-affiliated threat actors compromised networks of major global telecommunications providers to ...

  • APT trends report Q3 2024

    November 28, 2024

    In the second half of 2022, a wave of attacks from an unknown threat actor targeted victims with a new type of attack framework that we dubbed P8. The campaign targeted Vietnamese victims, mostly from the financial sector, with some from the real estate sector. Later, in 2023, Elastic Lab published a report about an OceanLotus ...

  • INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million

    November 27, 2024

    LYON, France – A global operation involving law enforcement from 40 countries, territories and regions has ended with the arrest of over 5,500 financial crime suspects and the seizure of more than USD 400 million in virtual assets and government-backed currencies. The five-month Operation HAECHI V (July – November 2024) targeted seven types of cyber-enabled frauds: ...

  • Ex-South Korean defence chief, officials accused of THAAD data leak to China

    November 20, 2024

    A former South Korean defence minister and three other senior officials who served in the previous Moon Jae-in administration have been accused of leaking intelligence on a US-built missile system to activists and China. The state auditor alleged that Jeong Kyeong-doo, ex-national security adviser Chung Eui-yong and two high-ranking officers passed information on the Terminal High ...

  • Spot the Difference: Earth Kasha’s New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella

    November 19, 2024

    LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. While some vendors suspect that the actor using LODEINFO might be APT10, we don’t have enough evidence to fully support this speculation. Currently, we view APT10 and Earth Kasha as different entities, although they ...