Pietro Melillo : 8 July 2024 10:14
On the morning of July 6, 2024, a user known as “BlackKing” revealed a significant data breach involving a Chinese travel and tourism platform on a hacking forum. This information leak, which occurred in March 2024, led to the exposure of 7.5 million records, 5.82 million of which contain resident identifiers.
According to BlackKing, the breach compromised a wide range of personal data.
The data fields included in the leak comprise:
FINO AL 31 DICEMBRE, sconti estremi sui corsi Red Hot Cyber
Affrettati!
Fino al 31 dicembre potrai acquistare a prezzi scontati i nostri corsi cliccando sui seguenti coupon:
Supporta RHC attraverso:
Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo.
If confirmed, this data breach would represent a serious threat to the privacy of the individuals involved. The exposed personal data could be used for a range of illicit activities, including identity fraud, phishing, and other types of cyberattacks. The presence of data such as mobile number, email address, and physical address makes this breach particularly dangerous.
At this time, we cannot precisely confirm the authenticity of the breach, as the organization has not yet released any official press statements on their website regarding the incident. Therefore, this article should be considered an ‘intelligence source’.
The Chinese authorities have not yet issued official statements regarding the breach. However, it is likely that thorough investigations will be initiated to determine the source of the leak and to prevent future violations of this kind. Users of travel and tourism platforms are advised to closely monitor their communications for any suspicious activity and to adopt security measures such as updating passwords and enabling two-factor authentication.
The data breach of the Chinese tourism platform highlights once again the need for greater security and protection of personal data online. While authorities work to contain the damage and prevent future breaches, users must be proactive in protecting their personal information. This incident serves as a reminder of the importance of cybersecurity in today’s digital world.
As is our practice, we always leave room for a statement from the company should they wish to provide us with updates on the matter. We will be happy to publish such information with a specific article highlighting the issue.
RHC will monitor the evolution of the case to publish further news on the blog should there be substantial updates. If there are people informed about the facts who wish to provide information anonymously, they can use the encrypted whistleblower email.