DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Cn: CSDN “hack” was an insider leak, and many other reported “hacks” were fabricated leaks – authorities

Posted on January 10, 2012 by Dissent

China Daily reports:

Four people have been detained by police and eight others punished after they were found guilty of fabricating a massive leak of online personal data by hackers over the past month in China, the country’s Internet watchdog announced Tuesday.

China’s leading anti-virus software provider, Beijing-based Qihoo 360, claimed in late December that the personal information of more than 6 million users of the China Software Developer Network (CSDN), the country’s largest programmers’ website, had been leaked by hackers. That raised concerns about web security and triggered widespread panic.

The company said the leak included user IDs, passwords and e-mail addresses in clear text. The hacking case later escalated after the personal details of subscribers to more websites, including popular online shopping, gaming, social networking and even financial institution sites, were said to have been leaked.

However, a police investigation into the cases has found that most of those websites had not been attacked by hackers at all over the past month, or that they had been attacked without their subscribers’ information being leaked, a spokesman with the National Internet Information Office said Tuesday. The leaks were merely a fabrication.

Police have cracked 12 such cases, nine of which involved insiders working for the companies stealing and illegally selling online personal data, and three of which involved a fabricated information leak, he said.

Four people have been detained and eight others received formal admonishments in punishment according to the country’s public security regulations, he said.

In the CSDN case, a 19-year-old jobless man surnamed Xu was found to have faked a large-scale leak of personal data just to “show-off,” and he had received “admonishment” from the police, the spokesman said.

As for the leak of some users’ passwords on a few well-known social networking websites, such as Sina Weibo and www.kaixin001.com, police found that hackers decoded the passwords through guesswork and the personal data banks of the websites had not actually been attacked, he said.

Police have confirmed the identities of the hackers and are hunting them, he said.

Read more on China Daily.

It would be helpful if the authorities actually listed each site that had been reported to have been hacked and indicate specifically whether there was a hack or an insider leak or if it was all rumor without any real incident.

And no, I didn’t even know about kaixin001.com. I guess that’s one less entry in DataLossDB that I’ll have to edit now.

Of course, the suspicious among us may wonder whether authorities are merely trying to cover up that there have been huge hacks.  It’s so hard to trust governments these days, isn’t it?

Related posts:

  • 45 Chinese websites hacked and defaced for free tibet by #anonymous
  • Operation Anti Security Breakdown and targets, the full time line
Category: Breach IncidentsNon-U.S.Of Note

Post navigation

← GA: Man gets a year in prison for hacking, wiping medical competitor's computer
Update: FBI interviews patient about alleged Prime Healthcare upcoding, privacy breach →

2 thoughts on “Cn: CSDN “hack” was an insider leak, and many other reported “hacks” were fabricated leaks – authorities”

  1. disclosure says:
    January 11, 2012 at 3:29 am

    Hmm, the CSDN leak was fabricated? We wrote a simple Python script with mechanize (http://wwwsearch.sourceforge.net/mechanize/) to audit the leaked accounts and many seem legitimate as they were reusable on many other sites, e.g. Gmail, Yahoo, Twitter.

    The leaked accounts were archived at http://dazzlepod.com/csdn/.

    1. admin says:
      January 11, 2012 at 7:46 am

      I was confused by the article. I think what they’re saying (with respect to CSDN) is that there was a leak, but it wasn’t a hack – it was an insider leak, and claims of a hack were fabricated.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.