Huazhu Hotel Hackers Sell 130 Million Users’ Data For 8 Bitcoin (BTC) On Dark Web
The dark web has always represented all of the darkest things about cryptocurrency and blockchain technology. In the beginning days of Bitcoin, politicians pointed to the prevalence of cryptocurrency usage on dark web marketplaces as one reason that the currency itself ought not be trusted. And much like a ghost that continues to haunt the industry, the dark web was used in a high-profile incident yet again this week, this time acting as the setting to facilitate the trade of millions of sets of consumer data.
This revelation follows one of the biggest leaks of user data in the history of China, with a small group of hackers announcing to the world that they had been able to steal the data of over 130 million different individuals. Though it was unclear at first whether the motivations behind the hack were financial or merely political, a report from The Next Web revealed that one of the hackers involved in the heist attempted to sell the data of those 130 million users, asking a price of around eight Bitcoin for the entire set.
Amounting to $56,000, this would be a major sale of information. But for the users effected and the general financial security of effected parties the impacts are far greater than $56,000.
The original theft of user information happened when a security breach within the Huazhu Hotels Group was exploited. This hotel chain is the largest in China, with 10 unique brands spanning over 380 cities and in 3,800 unique hotels. The data itself is no joke, either, the total data stolen amounting to around 141 gigabytes, and containing 240 million records taken from an astonishing 130 million guests, both recent and far in the past.
It is speculated that registration info, including ID number, phone number, email, and password login were all compromised, along with booking information, which would include the card number and hotel ID number. Though it is unclear what exactly hackers might want to do with this information, there can be no doubt that this security breach is a significant one with major ramifications for users who have had their data stolen.
The main outside investigation into the matter is being headed by Zibao, which is a Chinese cybersecurity group. The organization has outlined their belief that the leak happened while developers and programmers with the hotel chain decided to upload some pats of the database to GitHub earlier in the month.
The hotel group has contacted the Shanghai police force, which has worked hard to show their support for the massive hotel chain during this difficult time. Huazhu has spoken out on the incident, acknowledging the seriousness of the problem and outlining the work of their own officials in favor of figuring out who all was responsible for the security breach.
The Shanghai police have also released an official statement on the ongoing investigation, saying that those individuals who committed the illegal acts “will be heavily punished.”