The data breach occurred on a major travel and tourism platform in China, which is widely used by millions of residents for booking trips, accommodation, and other travel-related services. The platform has been known for its comprehensive travel solutions, integrating various services into one seamless experience.

Breach Details

  • Date of Breach: March 2024
  • Data Compromised: 7.5 million pieces of data
    • Resident IDs: 5.82 million
  • Leaked Data Fields:
    • Personal Information: Name, Gender, Birthdate, Address, Zip code, Mobile number, Telephone number, Email address
    • Identification Details: Resident IDs, Province and City of ID issuance
    • Travel Details: Province and City of travel, Carrier information
    • Additional Information: Fax number

Threat Actor Profile

The data breach was advertised by a user named "BlackKing" on an underground forum. BlackKing holds the "GOD User" status, indicating a high level of activity and reputation within the forum community. The user's profile shows:

  • Posts: 22
  • Threads: 10
  • Joined: June 2024
  • Reputation: 30

BlackKing provided samples of the leaked data and invited interested parties to contact them for more information.

Impact Analysis

  • Individual Impact: The breach exposes sensitive personal information, potentially leading to identity theft, financial fraud, and privacy violations. The compromised resident IDs and contact details can be misused for various malicious activities.
  • Organizational Impact: The affected travel platform may face legal repercussions, loss of customer trust, and significant financial losses due to the breach. The incident could lead to a decrease in user engagement and a tarnished brand reputation.
  • National Impact: On a broader scale, such a breach undermines the confidence in national cybersecurity measures and could lead to stricter regulations and policies for data protection.
Share this article
The link has been copied!