Researchers have uncovered a massive trove of data being put up for sale on an underground criminal forum by a hacker suspected to be operating of China. According to a FireEye iSight Intelligence report, the data of about 200 million Japanese users are being sold as a single, huge archive for ¥1,000 CNY ($150.96 USD), Bleeping Computer reports.
The stolen data has been accumulated through the hacking of about 50 smaller Japanese websites in the food and beverage, entertainment, retail, transportation and financial sectors, researchers note. Users whose personal details were leaked in earlier breaches dating back to May 2013 along data of new users were discovered in the new cache. The compromised data includes full names, home and email addresses, dates of birth and phone numbers.
However, it is worth noting that the origin of some of the data being sold is debatable considering that the population of Japan is currently a little over 127 million, based on latest UN estimates.
Researchers suspect the hacker behind the data dump is operating out of China whose online persona has been linked to a QQ social network ID that is associated with another hacker's persona that has been active since 2013. The QQ address is connected to an individual living in China's Zhejiang province, they added.
Notably, both hacking persona have reportedly received a bad reputation and terrible reviews on the underground cybercriminal market. Multiple threat actors commenting on the forum thread where the data archive was being sold claimed they bought the cache, but never received the files.
Still, the hacker has been associated with selling troves of data belonging to companies in China, Taiwan, Hong Kong, North American countries, European countries, Australia and New Zealand on several Chinese cybercriminal forums.