Alleged data leak exposed PII records of 27.6 million users in China

Leakage of Personal Identifiable Information has always been a headache for majority of countries and to safeguard the interests of their citizens, multiple bills have been drafted and passed, converted into Acts, which are then enforced on the businesses that collects PII of their citizens. USA, Australia, European Union, and multiple other countries even have their bills enforced outside their boundaries, example – GDPR.

China has also enforced Article 111 in General Provisions of the Civil Law of the People’s Republic of China which sets out the basic principle that natural person’s personal data shall be protected by law.

Recently, Cyble Research Team identified a threat actor who leaked in a total of 27.6 Million+ records of Chinese citizens, which includes names, phone numbers, and addresses. As per our researchers, the source of the leaked data has not been revealed by the threat actor.

After further analysis, our researchers noted that the registration information of majority of users is from December 2019 and by looking at the content of leaked data, there is a possibility that it has been extracted from one of the e-commerce websites in China.
Some of the personal information data fields of the leaked user records from the lot are mentioned below-:

  • Name
  • Phone number
  • Full home address
  • Sex
  • Registration date

and other sensitive information.

Cyble Research Team has acquired and indexed the leaked data on their data breach monitoring and notification platform, – people who’re concerned about their information exposure can register on the platform to ascertain the risks. Also, android users (Link) and iOS users (Link) can gain full access to it just by downloading the mobile application.

We recommend people to:

  • Never share personal information, including financial information over the phone, email or SMSs
  • Use strong passwords and enforce multi-factor authentication where possible
  • Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
  • Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
  • Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
  • People who are concerned about their exposure in darkweb can register at to ascertain their exposure.

About Cyble

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit    

Scroll to Top