Data Breach: A Chinese cybersecurity company’s contracts and correspondence with the Chinese government for gathering critical digital data both domestically and internationally, including in nations like India, Nigeria, Indonesia, and the United Kingdom, have been made public through a large-scale data breach.
Auxun in the Shadows
Shanghai-based I-Soon, a corporation also known as Auxun when transliterated from Mandarin, is thought to be one of the numerous private contractors that support the Chinese government in its monitoring, hacking, and intelligence-gathering efforts.
What was in the leak data?
Emails, pictures, chats, and a wealth of papers are all included in the data dump that was released on GitHub. According to a report in The Washington Post, they include “detail contracts to extract foreign data over eight years and describe targets within at least 20 foreign governments and territories, including India, Hong Kong, Thailand, South Korea, the United Kingdom, Taiwan and Malaysia”.
The actual information that was acquired is not contained in these documents. However, they possess information regarding the surveillance targets and the contracts granted to I-Soon. “One spreadsheet listed 80 overseas targets that iSoon hackers appeared to have successfully breached,” the report said. “This included “95.2 gigabytes of immigration data from India and a 3 terabyte collection of call logs from South Korea’s LG U Plus telecom provider,” report added.
Also, “459GB of road-mapping data from Taiwan, the island of 23 million that China claims as its territory was listed,” according to The Post report. “Ethnicities and dissidents in parts of China that have seen significant anti-government protests, such as Hong Kong or the heavily Muslim region of Xinjiang in China’s far west,” according to the Associated Press, appeared to be the targets within China.
What is a Data Breach and Why Should You Worry?
When private, sensitive, or protected information is revealed to an uninvited party, it is called a data breach. There are several ways that data breaches can happen, including:
- Hacking
- Past or Current Employees steal data knowingly or unknowingly
- Inadvertent data exposure or loss
A major cybersecurity risk is data breaches since they can:
- Reputation- Business or Individual
- Millions of dollars in cost
- Stop operations
- Result in monetary loss
Here Are Some of the Biggest Data Breaches in History
- Yahoo: 2013 and 2014, 3 billion user accounts
- First American Financial: 2019, 885 million records
- Facebook: 2019, 540 million records
- Marriott International: 2018, 500 million records
- Friend Finder Network: 2016, 412 million records
How Data Breach Happens
When private information is accessed and made available to an unauthorised individual or group, it is called a data breach. Data breaches may occur by accident or on purpose:
Here are some ways data breaches can happen:
- Hacking or malware attacks
- Social engineering
- Insider leak
- Payment card fraud
- Physical attacks
- Improper configuration or user error
How To Prevent Yourself from Data Breach
- Use strong passwords
- Back up your data
- Use encryption
- Educate employees
- Use access controls
- Update software
- Be careful with personal devices
- Report suspicious activity immediately
- Have a response strategy
According to Pieter Arntz, a researcher at Malwarebytes, the data leak may lead to a change in global diplomacy and reveal vulnerabilities in the national security of multiple nations.
