Hacker claims access to Shanghai Covid app, threatens to sell data on millions of users

A medical professional getting ready to issue a Covid-19 vaccine
(Image credit: Shutterstock / Viacheslav Lopatin)

A hacker claims to have breached Shanghai’s Covid app and stolen the personal user data found there

According to a Reuters report, a cybercriminal going by the name XJP took to the hacker forum Breach Forums, to advertise a database carrying sensitive information on 48.5 million users.

The database was taken from “Suishenma”, the Chinese name for Shanghai’s health code system, used by all residents and visitors of the city since early 2020. The hacker first asked for $4,850 for the database, but later toned the offer down to $4,000.

"This DB (database) contains everyone who lives in or visited Shanghai since Suishenma's adoption," the ad reads.

Authentic samples

According to the report, the hacker posted a small sample, including data on 47 people, as proof of his claims. The sample contained the names, Chinese identification numbers, phones, and health code statuses of these people. The publication found 11 people confirming the authenticity of their information, although two did add that their identification numbers were wrong. 

Suishenma has been mandatory for all residents (approximately 25 million people) and visitors of Shanghai, since early 2020. It collects travel data, and then color-codes users based on their chance of catching the virus. The users must then show the code whenever they enter public places. 

Users access Suishenma via the Alipay app, Reuters further added, stating that the city government manages the data coming into the app. At the moment, none of the affected parties were ready to comment.

Chinese authorities are faced with the second major data leak in two months, after a threat actor leaked what appears to be sensitive data on a billion Chinese. That database was also put up for sale on Breach Forums.

  • Here's our rundown of the free and paid options for the best firewall software to stay protected online

Via: Reuters

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.