Over 90 Million Records Leaked by Chinese Public Security Department (Jul 8, 2019)
Security researcher Sanyam Jain has discovered two databases, containing over 90 million personal and business records, that were leaked by the Jiangsu Provincial Public Security Department. The Elasticsearch databases had been left publicly accessible and unsecured, exposing birth dates, business IDs, business types, identity card numbers, location coordinates, gender, and names. After the researcher contacted the Jiangsu Provincial Public Security Department and CNCERT/CC, CNCERT/CC contacted the database owner, who secured the database.
Recommendation: Databases should not be directly accessible over, or connected to, the internet. Protect these services with authentication, and do not allow guest or anonymous login. For web applications that access database data, make sure all user-supplied data is sanitized to prevent SQL injection. Actors can use the exposed information to coerce more personal data from the victim. Users should also monitor their credit to make sure that nothing out of the ordinary is happening and that no identity fraud is being committed.