The company developers accidentally loaded the entire database to Github
China’s crackdown on cryptocurrency has not extended to the dark web. Cyber security organization experts report that a hacker is selling personal data of more than 130 million people for 8 Bitcoin (about $56.7K USD based on its current value) in a dark web forum in China.
The people whose data have been compromised are all customers of Huazhu Hotels Group, one of the largest hotel chains in China, which manages more than 3.8K branches in 382 Chinese cities.
According to the cyber security organization specialists who found the information in a dark web forum, the hacker is selling more than 240 million records belonging to 130 million customers including phone numbers, email addresses, bank accounts and reservation details at the hotel. The information is equivalent to 141.5 GB. A Chinese cyber security organization firm claimed that the information was probably leaked earlier this month when hotel chain programmers accidentally loaded copies of their company’s database to GitHub.
Huazhu Hotels Group issued a statement where they claim that the leak was reported to the authorities and an investigation is been carried out. The Chinese government is taking ever more vigorous measures against the use of cryptocurrency in the country. The authorities recently banned the websites of more than 124 foreign cryptocurrency exchanges. China’s largest technology providers also actively promote the prohibition of any transaction with virtual assets, as well as citizens’ participation in any related forum or platform.
However, in the case of the dark web, which is accessed through VPNs and browsers oriented to privacy (mainly Tor), escapes the reach of Chinese authorities, and the use of cryptocurrencies is the main form of payment for services found in that Internet area.
Yet, contrary to popular belief, the use of Bitcoin is not entirely appropriate to ensure anonymity. In fact, some major hits against drug dealing in dark web have been made possible by the use of Bitcoin for transactions.
Chinese government has been trying to impose a general ban on all cryptocurrency for the last year. While most traditional companies have marked their distance from this practice, the authorities have been unable to control scams and other illegitimate activities related to virtual assets.
According to cyber security organization specialists from the International Institute of Cyber Security, the growth of platforms for virtual-asset operations has also generated an increase in frauds involving this kind of transactions.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.