China’s biggest banks & Air china customer data leaked. Is this hacking linked to COVID-19 virus revenge?

Customers of China’s largest banking institutions could be exposed to serious danger. According to cybersecurity specialists, an individual recently posted more than a million personal records on a hacking forum. Apparently, these records belong to customers of large Chinese banks and include details such as:

  • Full names
  • Monthly incomes
  • Personal identification cards
  • Addresses
  • Phone numbers

Shortly after the appearance of this report, two institutions (Indusrial Bank and Ping An Insurance) issued communications denying that the information was linked to their customers. Subsequently, Agricultural Bank mentioned that its teams were investigating this incident, although they pointed to a possible falsification of information.

Despite the insistence of the banks, an anonymous source claims that this information is real, adding that it has even been bought by multiple threat actors very satisfied with the results. The informant concluded by ensuring that RaidForums administrators, the forum where the information was posted have nothing to do with the incident, as they ignore how this ad was put online.

However, RaidForums’ Facebook page contradicts this version, as a post on this site is credited with authoring the incident. Forum administrators describe it as an ideal link for platform users like 4Chan and Twitch.

In addition to providing information from the affected banks, the user claims to have “China Air data” (experts believe the individual refers to airlines operating in China), teacher databases in public schools, data from more than 200 directors of large firms, among others.

According to the specialists, this is not the first time that confidential information is presented in this forum. Previously, British authorities reported that data from some of their agencies had been published in RaidForums. Authorities in countries such as Vietnam have filed similar claims.

Data breach incidents have become a cause for alarm for China’s government. Just a few months ago it was reported that information from more than 400 million people had been leaked by a group of threat actors. Local companies, such as the Huazhu hotel chain, have also been victims of such incidents, which have compromised the information of hundreds of millions of users in the Asian giant.