China: 7.5 Million Tourist Data Stolen!

On the morning of July 6, 2024, a user known as “BlackKing” revealed a significant data breach involving a Chinese travel and tourism platform on a hacking forum. This information leak, which occurred in March 2024, led to the exposure of 7.5 million records, 5.82 million of which contain resident identifiers.

Breach Details

According to BlackKing, the breach compromised a wide range of personal data.

The data fields included in the leak comprise:

• calc_sex: Calculated Sex
• hlr_province: HLR Province
• hlr_city: HLR City
• hlr_carrier: HLR Carrier
• calc_birthyear: Calculated Birth Year
• calc_birthmonthday: Calculated Birth Month and Day
• id_province: ID Province
• id_city: ID City
• Name: Name
• CtfTp: Certificate Type
• CtfId: Certificate ID
• Gender: Gender
• Birthday: Birthday
• Address: Address
• Zip: Zip Code
• Mobile: Mobile Number
• Tel: Landline Number
• Fax: Fax Number
• Email: Email Address
• Nation: Nationality

Implications of the Breach

If confirmed, this data breach would represent a serious threat to the privacy of the individuals involved. The exposed personal data could be used for a range of illicit activities, including identity fraud, phishing, and other types of cyberattacks. The presence of data such as mobile number, email address, and physical address makes this breach particularly dangerous.

At this time, we cannot precisely confirm the authenticity of the breach, as the organization has not yet released any official press statements on their website regarding the incident. Therefore, this article should be considered an ‘intelligence source’.

Reactions and Security Measures

The Chinese authorities have not yet issued official statements regarding the breach. However, it is likely that thorough investigations will be initiated to determine the source of the leak and to prevent future violations of this kind. Users of travel and tourism platforms are advised to closely monitor their communications for any suspicious activity and to adopt security measures such as updating passwords and enabling two-factor authentication.

Conclusion

The data breach of the Chinese tourism platform highlights once again the need for greater security and protection of personal data online. While authorities work to contain the damage and prevent future breaches, users must be proactive in protecting their personal information. This incident serves as a reminder of the importance of cybersecurity in today’s digital world.

As is our practice, we always leave room for a statement from the company should they wish to provide us with updates on the matter. We will be happy to publish such information with a specific article highlighting the issue.

RHC will monitor the evolution of the case to publish further news on the blog should there be substantial updates. If there are people informed about the facts who wish to provide information anonymously, they can use the encrypted whistleblower email.

Pietro Melillo

Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"

Areas of Expertise: Cyber Threat Intelligence, Ransomware, National Security, Training