DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Hacker, suspected of 6 million user CSDN info leak, detained

Posted on March 21, 2012 by Dissent

Zhao Wen of The Shanghai Daily reports that a suspect has been detained in the CSDN breach that made headlines in December:

The suspect surnamed Zeng was held in Wenzhou, eastern Zhejiang Province on February 4 after Beijing police opened an investigation into the case on December 22, the paper said.

The leak, considered the biggest in China’s Internet history, occurred on December 21 when the personal information of more than 6 million users of the China Software Developer Network (CSDN) was exposed on the Internet for free downloading.

Read more on The Shanghai Daily.

In January, The China Daily had reported that a 19-year-old jobless man surnamed Xu was had faked a large-scale leak of personal data just to “show-off.” It’s not clear from the current news report whether there is any connection between Xu and the suspect who was detained last month.

While the leak occurred in December 2011, the hack reportedly occurred in April 2010, raising the question as to when the police and CSDN first knew that the database had been hacked.

Zeng caught police’s attention because he claimed in an online post in September 2010 that he gained command of the CSDN database and wanted to cooperate with the website, it was reported.

He admitted to hacking into the CSDN server in April 2010 through a system loophole and sneaking into an online recharge platform and a stock brokerage system.

So the police became interested in September 2010 and CSDN says that their system has been secure since September 2010. Did they actually confirm the April 2010 hack at that time? If so, that raises the question as to why there was no disclosure at that time.

CSDN has not yet issued any statement that I’ve been able to find in English in response to the detention or clarifying when they first knew of the hack. If any readers can find more information, please use the Comments section below to share it.

CRIEnglish.com notes that five suspects were arrested on March 20, so I expect we’ll see more coverage soon.

Category: Breach IncidentsBusiness SectorExposureHackNon-U.S.

Post navigation

← Ph: Senate approves Data Privacy Act on 3rd reading
Cn: Dangdang Freezes Accounts After Hacking Incident →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile
  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.