Hacks of Chinese sites either inside jobs or faked

Last week’s news that hacks of a number of high-profile sites resulted in the compromise of personal and financial information of over 100 million Chinese Internet users has been revealed as inaccurate.

China Daily reports that the Chinese police have investigated the supposed breaches and have already cracked twelve cases. Of the twelve, nine compromises were the work of company employees who stole and sold user data, and three information leaks were completely faked.

All in all, four people have been detained and eight others received “formal admonishments in punishment according to the country’s public security regulations” for their involvement in the matter.

According to the police, the leakage of China Software Developer Network’s users’ information seems to have been faked by a 19-year-old who wanted to show off, and the compromise of passwords of users of the Sina Weibo microblogging site and the Kaixin001 social network was simply due to password guessing.

No details about the other supposedly compromised sites were shared, leaving users to wonder whether their information has been stolen and/or sold for unsavory purposes.

“It can be seen from the recent cases of personal data leaks that they fabricated such information for different purposes, such as for showing off, defrauding others of money, promoting their web security products or disturbing and disparaging the real-name registration move,” commented the spokesman with the National Internet Information Office, alluding to the recently launched real-name registration requirements for social networks and microblogging sites.

Needless to say, many have already questioned the results of the investigations mounted by the Chinese police. The country’s government is known for trying to maintain the illusion that it is always on top of things, so a healthy dose of skepticism toward official statements is definitely advisable.

According to one of the commenters on the Databreaches site, at least one of the claims could be false. “Hmm, the CSDN leak was fabricated? We wrote a simple Python script with mechanize to audit the leaked accounts and many seem legitimate as they were reusable on many other sites, e.g. Gmail, Yahoo, Twitter,” he wrote.

