Massive Data Leak Exposes 1.5 Billion Records from Chinese Platforms and Government

One of the largest data leaks in recent history has exposed a staggering 1.5 billion records, affecting major Chinese platforms, financial institutions, and even government-related entities. The unprotected dataset, discovered by Cybernews researchers, contains sensitive details, including full names, government ID numbers, phone numbers, financial records, and healthcare data.
The leaked records originate from multiple high-profile sources, including Weibo, China’s largest social media platform, and DiDi, the country’s top ride-hailing service. Other affected entities include major banks, telecommunications providers, courier services, and even the Shanghai Communist Party.
Researchers believe this dataset is a compilation of both known and previously undisclosed breaches, aggregated on an Elasticsearch server. The sheer volume and diversity of data suggest malicious intent, as large-scale leaks like this can fuel identity theft, targeted phishing attacks, and unauthorized financial access.
Among the most alarming aspects of the leak is the presence of highly sensitive financial and healthcare data. The dataset includes 504 million records tied to Weibo, 25 million from SF Express (China’s largest courier service), and over 142 million from JD.com, a major e-commerce platform that had no previously known breaches.
In addition to personal and corporate data, the dataset contains politically sensitive records. A collection labeled “The Communist Party of Shanghai” includes 1.6 million records, while others titled "Friendly Nations" and "Data of Multiple Neighboring Countries" hint at potential geopolitical implications.
Though the exposed server was eventually taken offline after multiple alerts to China’s CERT, the scale of this breach highlights the persistent risks of mass data aggregation. As cybersecurity experts analyze the impact, this incident could rank among the largest known data leaks in history, second only to the infamous Shanghai National Police breach.
Advertisement
Who knows the download link / server?
I wonder how many US Government officials (Senators, House Members, and family members) are in there as well.
What is Agencies Ghacks?
Mass authors aggregation?
There was a time here on gHacks when several authors other than those mentioned at the foot of this page would intervene. Then some of us would block either of them on the valid or not assumption their articles were AI assisted/written. So, maybe, is ‘Agencies Ghacks’ a generic term meant to forget the author and focus on his/her article. No idea frankly, but frankly as well, I don’t really care. The main point is the article, though a generic term to define the author prevents perhaps a human relationship with the writer : he may less be complimented as well as less insulted :)