Japan Police Find 18 Million User Records on Server Used by Chinese Hackers

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Tokyo police announced the discovery of over 18 million user credentials on a server of the Nicchu Shinsei Corp. company, who complicitly allowed Chinese hackers to use it in their attacks, The Japan News reports.

According to Japanese law enforcement, between June and November 2015, the hackers used the server as a relay for attacks on Japanese and international websites, among which were Yahoo Japan, Twitter, Facebook, shopping giant Rakuten, credit card company Mitsubishi UFJ NiCOS Co., and others.

Credentials for over 31 different Web services were discovered, among which 1.72 million belonged to Yahoo Japan users. Besides usernames and passwords, some data records included information such as names and date of births.

Police arrested Japanese accomplices last November
At the end of November, Tokyo police arrested Nicchu Shinsei president and other staff members, but only two days ago revealed details about this case.

Police investigators are saying that the server also contained scripts which would allow the hackers to test which of these username and passwords combinations were valid.

Once the hackers had accessed the accounts, they would then use them to steal or award themselves bonus (reward) points, or to send unwanted advertising or spam to the victim's contacts.

A Chinese chat service could be at the heart of the immense user data leak
Local law enforcement has also informed each of the companies for which user credentials were found, and asked each one to notify all of its affected customers, and help them change their account passwords.

Additionally, the same server was also used in illegal money transfers that affected ten financial institutions.

Police revealed that they may have a lead on how the hack of all these accounts happened, saying that most victims had one thing in common, being users of a popular Chinese chat service. Tokyo police has enlisted Interpol's help to make inquiries at the Chinese company.

A possible explanation may be that this service may have been compromised. Since some users have reused passwords on other sites, this allowed the hackers to break into other accounts, and create some part of the huge 18-million pool.
 
H

hjlbx

Like I always say, once you put data out there into the ether, there is virtually nothing you can do to protect it.

The list of such data breaches is HUGE ! In this case, the server owner was complicit in the malfeasance - so you can trust no one.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top