More than 30 Crores Private Messages From China Were Exposed Online

On March 02, more than 30 crores private messages from China were exposed online on a variety of messaging apps. The information was revealed by Victor Gevers, a security researcher of the GDI Foundation. The Financial Times reported that there have been 3640 lakhs cases concerning recorded personal identities of users which were available to any other user who searched for the IP address.

In addition, each of these records taken from QQ or WeChat also included other vital information such as GPS data, photos, ID numbers, or addresses. Gevers even uncovered more shocking news: the data was transmitted from the main database to 17 other servers in remote distances.

The data was seemingly sent to these servers of various police stations in many provinces and cities. This could be realized via numerical codes.

Moreover, these records included some addresses from internet cafes. That means they might derive from gamers who loved playing at cafes. Chinese officials have censored these kinds of cafes and even, they also require them to install apps to follow the browsed data by their users.

The leak was first detected when Gevers used a search engine called Shodan to monitor devices. The engine is designed to search for all devices that are connected with the Internet. On March 02, he had a talk on the exposed private messages with ChinaNet Online who specializes in providing internet services in China. After some hours, the provider locked all of the databases.

This is not the first time the Chinese government has monitored or applied similar measures to manage conversations among its internet users. In addition, tech firms in the country often offer terms of use concerning collecting users’ data via websites and apps.

For example, WeChat which is the most prominent social media application in China says to its users that it will “comply with applicable laws and regulations” when gathering user data. However, not all support and believe what the tech companies say. Li Shufu, a prominent businessman, thought that Ma Huateng, the CEO of Tencent, “must be watching all our WeChats every day.” Of course, WeChat didn’t accept these accusations.

Additionally, anyone can access the information. That is what makes us extremely surprised. While revealing the leak of private messages to the Chinese ISP, Gevers also offered tips to enhance the security level for the information.