Chinese Hackers Steal Personal Data of Half of Taiwan's Workforce
Amid escalating tensions between China and Taiwan, Chinese
hackers have allegedly stolen data of nearly six million Taiwanese. The largest
data breach in the country's history, Chinese hackers targeted a Taiwanese job
bank and sold the data on the dark web as per authorities.
With Taiwan's workforce is around 12 million, it means
hackers got away with data of half of the employable citizens. The data breach
was detected last week before the country's mid-Autumn festival holidays that
began on October 1. The country's information security researchers stumbled
upon the data breach after carrying out an in-depth search for illegal
transactions on the dark web, which can only be accessed via specific software
and configuration.
During the search, authorities found an account named
"rootkit" was selling around 35 data sets for $500 to $1,000 for
each. After further investigation, officials said that the hackers were from
China as they communicated in the dark web forums in simplified Mandarin,
claiming that they were able to hack into a popular Taiwanese online job site
104 Job Bank and were willing to sell the data.
The leaked data included name, date of birth, email ID,
applicants' ID number, mobile number and home address of 5,924,397 victims all
aged between 20 and 58. However, 104 Job Bank on Monday issued a statement
saying that the discovered data set was old and from 2013. But it was carrying
out further investigations to understand the total amount of data and if it
contained any current information.
The company added that it had informed Taipei's Department
of Labor. But many of the old information such as email ID, mobile number and
house address don't change for many years, meaning that victims will be
vulnerable to further phishing attacks.
However, 104 wasn't the only victim. As per Taiwan's popular
forum, PTT, another online job bank, 1111 was also targeted and data of 3.92
million Taiwanese was leaked online. While netizens claimed the data was more
detailed and from 2019, 1111 also claimed that it was old that was breached
nine years ago. The company said that it has since strengthened its network
security. However, it has also set up a fund of 200 million yuan to compensate
those whose data was leaked.
The data breaches are just two of Chinese hackers' recent
activities amid escalating tensions between China and Taiwan and also China and
the U.S. Interestingly, many data breaches and ransomware attacks in the U.S.
and Europe have also been linked to Chinese hacker groups.
In a recent report, Facebook claimed that it had found a
sophisticated malware attack that could hijack user accounts and post fake ads.
The SilentFade malware secretly accessed browser cookies for session tokens and
obtained Facebook login credentials and posted ads on the social media platform
for counterfeit goods.
Last month, another Chinese hacker group named APT41 was
charged by the U.S. Department of Justice for cyberattacks on American
companies. Five members of the group — Zhang Haoran and Tan Dailin, Jiang
Lizhi, Qian Chuan, and Fu Qiang — were also named in the court documents.
Apart from the two, another Chinese hacker group was accused
of cyberattacks on Coronavirus vaccine research data in Canada, the U.S. and
the U.K. American authorities alleged that the hackers were targeting Moderna's
vaccine research data.
Comments
Post a Comment