
Record-Breaking Data Leak Exposes 4 billion+ User Records

In what appears to be the largest data breach ever reported in China, billions of records containing financial information, WeChat and Alipay data, and other sensitive personal details were left exposed to the public. Unfortunately, there is very little affected users can do to safeguard themselves. According to new research, the breach may have impacted hundreds of millions of Chinese citizens. A massive 631-gigabyte database was found unsecured, exposing an estimated 4 billion records.

Cybersecurity researcher Bob Dyachenko, along with the Cybernews team, uncovered the exposed data on an open and unprotected database. The dataset was made up of numerous collections, with each containing between half a million and over 800 million records. The researchers believe the data was collected and organized to create detailed behavioral, economic, and social profiles of individuals across China. 

The team noted that the volume and variety of data indicate it may have been maintained as a centralized repository, likely used for surveillance, profiling, or advanced data analysis. 

Such a large-scale leak opens the door for numerous malicious uses. Threat actors or state-sponsored groups could exploit the data for phishing schemes, blackmail, fraud, espionage, or coordinated disinformation campaigns. 

Although the database was taken offline quickly, limiting the team’s access, they were able to examine 16 data collections. The largest, labeled “wechatid_db,” contained over 805 million records, likely tied to user data from the Baidu-owned WeChat platform. The second largest, “address_db,” held over 780 million records with detailed residential and geographic data. A third collection titled “bank” included more than 630 million entries containing credit card numbers, names, phone numbers, and dates of birth. 

With just those three collections, cybercriminals could easily connect data points to learn where individuals live and analyze their financial behaviors, including spending and debt patterns. 

Another major dataset, titled in Mandarin and roughly translating to “three-factor checks,” had more than 610 million records, likely combining names, IDs, and phone numbers. The “wechatinfo” collection added nearly 577 million more records, possibly including chat logs, metadata, or user activity. A separate group of 300 million records labeled “zfbkt_db” appeared to contain Alipay card and token information. In skilled hands, this information could lead to unauthorized transactions, identity theft, and account takeovers. 

In addition, 20 million more Alipay-related records were discovered, adding to the financial risk for those affected. Another 353 million records were distributed across nine smaller collections covering a wide range of topics, including employment details, pension funds, insurance, gambling activity, and vehicle registration. One collection, “tw_db,” is believed to contain data related to Taiwan. 

Despite efforts to identify the origin of the leak, the owner of the database was not determined. There were no headers or metadata pointing to an organization, and the infrastructure was removed from public access soon after the discovery.

The researchers emphasized that individuals affected by the breach have no way to respond or seek support, given the anonymity of the source and absence of official notification channels. 

Data breaches involving Chinese users are not new. Previous incidents have included the exposure of 1.5 billion records tied to Weibo, DiDi, and the Shanghai Communist Party, and a separate leak of 1.2 billion records. A more recent breach revealed data on 62 million iPhone users. 

However, none of those incidents matched the scale of this one. With over 4 billion records exposed, this appears to be the largest known leak of Chinese personal data from a single source. 
