Massive COMB data breach reveals info on over a billion people


Someone is combining information on Chinese citizens leaked in different data breaches into a single database, and has so far made more than 1.2 billion records.

This compilation of many breaches (COMB) contains plenty of sensitive user information, including phone numbers, postal addresses, ID card numbers, and more. Researchers claim they spotted an unprotected database on Elasticsearch, which was first set up in the final days of April 2024. By the end of next week, the database held 1,230,703,487 records, and continued to grow since.

Read more…
Source: MSN News


Sign up for our Newsletter


Related:

  • Stately Taurus targets the Philippines as tensions flare in the South Pacific

    November 17, 2023

    Tensions between China and the Philippines have risen sharply over the past several months. Coinciding with these real-world events, Unit 42 researchers observed three Stately Taurus campaigns during the month of August. These campaigns are assessed to have targeted entities in the South Pacific including the Philippines government. The campaigns leveraged legitimate software including Solid PDF ...

  • Gang says ICBC paid ransom over hack that disrupted US Treasury market

    November 14, 2023

    China’s biggest lender, the Industrial and Commercial Bank of China, paid a ransom after it was hacked last week, a Lockbit ransomware gang representative said on Monday in a statement which Reuters was unable to independently verify. ICBC, whose U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on ...

  • U.S. arm of China mega-lender ICBC hit by ransomware attack

    November 10, 2023

    The U.S. arm of China’s largest bank said Thursday that it was hit by a ransomware attack, forcing clients to reroute trades and disrupting the U.S. Treasury market. Ransomware attacks typically access vulnerable computer systems and encrypt or steal data, before sending a ransom note demanding payment in exchange for decrypting the data or not releasing ...

  • Secretary General: Through NATO, we can build a secure cyberspace for all

    November 9, 2023

    The Secretary General emphasized that cyber is driving strategic competition and that authoritarian regimes, including China and Russia, are: “challenging our interests, our values and our security.” He said they are: “determined to shape the future of cyberspace in own image with little transparency and no regard for human rights.” At the Vilnius Summit this ...

  • Online store exposed millions of Chinese citizen IDs

    November 6, 2023

    A security researcher said he discovered millions of Chinese citizen identity numbers spilling online after an e-commerce store left its database exposed to the internet. Viktor Markopoulos, a security researcher working for CloudDefense.ai, said he found the database belonging to Zhefengle, a China-based e-commerce store for importing goods from overseas. The database contained more than ...

  • Tech firms to allow vetting of AI tools

    November 3, 2023

    The most advanced technology companies will allow governments to vet their artificial intelligence tools for the first time, Rishi Sunak has announced, as Elon Musk warned the technology could eventually replace all human jobs. Companies including Meta, Google DeepMind and OpenAI have agreed to allow regulators to test their latest AI products before releasing them ...