[BreachExchange] Over 200 Million Chinese CVs Compromised Online

Audrey McNeil audrey at riskbasedsecurity.com
Tue Jan 22 10:58:25 EST 2019 

http://www.ehackingnews.com/2019/01/over-200-million-chinese-cvs.html

Recently, a database comprising of over 200 million Chinese CVs was
discovered online in a compromised position where it was laid bare for the
dark web to devour. Naturally, it spilled explicitly detailed information.

Having lacked, fundamentally basic security endeavors, the database exposed
some really personal data of people.

The database encompassed their names, addresses, mobile phone numbers,
email addresses, education details and other what-not.

The much detailed information on the base was developed by persistently
scouring various Chinese job sites.

Reportedly, the director of the researching institution cited on the issue
that at the outset, the data was thought to be gained from a huge
classified advert site, namely, BJ.58.com.

Nevertheless, BJ.58.com, vehemently denied the citation and their relation
with this accident.

They had thoroughly analysed and checked their databases and found nothing
questionable, hence reassuring that they had no role to play in the data
leakage.

They also mentioned that certainly some third-party CV website “Scraper” is
to blame.

It was via twitter that the news about this data cache first floated among
people, and soon after that, it was removed from Amazon cloud where it had
been stored.

But, as it turned out while further analyzing, before it was deleted it had
previously been copied around 12 times.

There has been a series of incidents where the Chinese have been
cyber-affected, and this data loss is the latest of all.

>From online rail bookings to allegedly stealing rail travelers personal
data, the early days of January were quite bad for the Beijing people.

Reportedly, in August last year, the police of China were busy
investigating a data breach of hotel records of over 500 million customers.

Personal data, including the booking details and accounts, registration
details and other similar information were leaked.

Also, the Internet Society of China had released a report wherein the
several phishing attacks and data breaches the country’s residents had
faced were mentioned.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20190122/3f6ca15c/attachment.html>

More information about the BreachExchange mailing list