The Shanghai police database leak refers to the unauthorized disclosure of sensitive personal information and police case data from the Shanghai National Police Database, also known as the SHGA Database, in early July 2022. The leaked data, totaling over 23 terabytes, includes details of more than one billion Chinese residents, encompassing names, addresses, birthplaces, resident ID card numbers, phone numbers, photos, mobile phone numbers, and information on criminal cases. The data was made available for sale on the internet by an unidentified hacker, who demanded a price of 10 bitcoins.
The origin of the leaked information is believed to be the Shanghai Public Security Bureau, although this has not been officially confirmed.
Screenshots shared online revealed a vast amount of intricate police information, such as the time of reporting criminals, the contact numbers of reporting individuals, and the reasons for reporting. Notably, initial analysis indicated that the personal data originated from residents all across mainland China, rather than being limited to Shanghai alone.
If the reported volume of data is accurate, the Shanghai police database leak would be regarded as the largest and most significant incident of its kind since 1949.
The news of the leak faced censorship on the social platform Weibo in mainland China, potentially to impede its spread. The authorities have not yet acknowledged or publicly addressed the incident. Despite inquiries sent by ''Bloomberg'' to the Central Cyberspace Administration of China and the Shanghai Police Bureau, no responses have been received thus far. ''Bloomberg'' criticized the lack of transparency and disclosure surrounding data breaches in the People's Republic of China, citing previous incidents such as the leakage of personal information of Communist Party members in 2016, the Weibo account information leak in 2020, and the information leakage from Xinjiang re-education camps in 2022.
Cybersecurity researcher Vinny Troia claimed he discovered the leak over a year before the server was eventually shut down.
See also
* Data breach
* Mass surveillance in China
* Health Code#Surveillance and invasion of privacy
* Xinjiang Police Files
* List of data breaches