Recently, news emerged that the personal details of more than 538 million users of the Chinese social network Weibo are available for sale online.
In ads posted on the dark web and other sites, a hacker claimed to have breached Weibo in mid-2019 and obtained a dump of the company’s user database.
The database supposedly includes the details of 538 million Weibo users. The personal information includes the likes of real names, site usernames, gender, location, and phone numbers of 172 million users, according to PingWest and corroborating statements from Chinese media.
However, Luo Shiyao, the Director of Information Security at Weibo, announced in a report that “Phone numbers were leaked due to brute-force matching in 2019. Some other private information was dragged on the internet, calculating that when we obtained the security vulnerability, we took steps to fix it.”
The company also reported the matter to the police as soon as possible and offered related information to them. “Furthermore, we have been studying the ‘gray industry’ because we take private user information very seriously, particularly personal data that contains phone numbers.”
Although the specific timing of the breach remains unconfirmed, there was certainly a breach that made users’ data public. Following Wei’s post, users also reported in the comments section that they had obtained specific details of users on the dark web. As published, around 172 million records were leaked on the darknet; they contained basic account information and were put on sale for 0.177 bitcoins.
According to Phala Network, the breach appears to be genuine: the data could also be bought via a Telegram group and, as reported in their post, the author was able to retrieve his own data. However, various Chinese security specialists were quick to point out technical flaws in the company’s reply. First, the hacker’s ad included signs that the data originated from an SQL database dump, which did not match the company’s statement that the data was collected by matching contacts against its API.
Second, the company’s statement does not explain how the hacker obtained other details like gender and location, data that is not public and is not returned by the API when matching contacts.
As a result, speculation has been rampant on Chinese social media about where the data originated and how the attacker got their hands on it. The theory of a password spraying or credential stuffing attack was immediately dismissed when security researchers recognized that the attacker wasn’t selling passwords.
The hacker, who in several ads went by the name “@weibo,” also provided samples of the data, which Weibo users verified to be correct. Weibo announced that it had notified police about the incident and that police are investigating. Chinese police caught the hacker three weeks later, despite the data being traded on the dark web.