Chinese hacker arrested for leaking 6 million logins

Chinese hacker arrested for leaking 6 million logins

Summary: Forget the attacks that have compromised thousands of accounts. This Chinese hacker managed to steal and leak the data belonging to 6 million users, before he was arrested of course.

TOPICS: Security, Servers

In what is being called the biggest hacking case in China's Internet history, police have arrested a man, surnamed Zeng, suspected of leaking personal information belonging to more than 6 million users of the China Software Developer Network (CSDN). Zeng has been detained on charges of illegal acquisition of computer data.

The leak occurred on December 21, 2011, exposing user names, passwords, and e-mail addresses belonging to online shopping, gaming, social networking, and even financial service websites. Police noticed that most of the leaked data dated from July 2009 to July 2010, indicating the CSDN server was hacked before July 2010, according to Shanghai Daily.

Zeng was caught in Wenzhou, east China's Zhejiang Province, on February 4, 2012 after an investigation into the case. During the inquiry, police also uncovered four other hackers doing similar deeds, and are still looking into their illegal activities. Zeng caught the police's attention because of what he posted in September 2010. He said he had gained control of the CSDN database after hacking into the CSDN server in April 2010.

After the incident, Beijing police punished CSDN for poorly securing its database. CSDN apologized to its subscribers and claimed that its server has been properly protected since September 2010. Hopefully this means it now encrypts the account details it stores, because chances are the organization will be hacked again at some point.

There are services such as PwnedList that keep track of online accounts that have been compromised, but I doubt this particular hack was recorded by this site. Even if you're not sure if you were one of the 6 million victims, it can't hurt to regularly change your password on all your online accounts.

See also:

Topics: Security, Servers

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Nobody outside of China knows anything about it

    He might be guilty, or he might not be. The sad thing is that given that the Chinese judicial system is little more than a rubber stamp for the Communist Party, we'll likely never know.
    John L. Ries
    • Spare parts

      His guilt or innocence will depend on his tissue type and whether any senior communist party members need a new kidney at the moment.
      • AND

        ...whether he's a match! ;-)
      • re/

        preferred user
  • Chineese Government Trained Hacker Goes Rogue

    Makes ya wonder, doesn't it. How many hackers has the Chineese Government trained, and how many will turn own their own citizens.
    • Red Herring

      I suspect this guy, even if guilty, is just a red herring for the dozens of hackers the Chinese regime has trained and kept under wraps.

      I mean, he got arrested for hacking a *Chinese* service. Heard of anyone in China getting arrested for hacking non-Chinese military and government sites?
      • Hacker Hire

        I agree, if he had of hacked into anything in the U.S., he would have been given a medal and hired to hack for the Chinese Gov't....
  • It was a job interview!

    Who doubts that rather than this hacker being exiled to a slave labor prison camp making i-pods, he'll be recruited by the police state to join the cadre of state sanctioned hackers causing mischief outside of China?
  • OK, they got caught..... this is a simple fix. . .

    In their country, LASHINGS are not working.
    That way they WILL NOT do it again.
    It also saves lengthy and costly court appearances.
  • Chinese hacker

    They will probably give him teaching position at The University of Science and Technology of Chinaquite possibly with a stolen
    or virtual new identity.
    preferred user