Chinese hacker arrested for leaking 6 million logins

Forget the attacks that have compromised thousands of accounts. This Chinese hacker managed to steal and leak the data belonging to 6 million users, before he was arrested of course.
Written by Emil Protalinski, Contributor

In what is being called the biggest hacking case in China's Internet history, police have arrested a man, surnamed Zeng, suspected of leaking personal information belonging to more than 6 million users of the China Software Developer Network (CSDN). Zeng has been detained on charges of illegal acquisition of computer data.

The leak occurred on December 21, 2011, exposing user names, passwords, and e-mail addresses belonging to online shopping, gaming, social networking, and even financial service websites. Police noticed that most of the leaked data dated from July 2009 to July 2010, indicating the CSDN server was hacked before July 2010, according to Shanghai Daily.

Zeng was caught in Wenzhou, east China's Zhejiang Province, on February 4, 2012 after an investigation into the case. During the inquiry, police also uncovered four other hackers doing similar deeds, and are still looking into their illegal activities. Zeng caught the police's attention because of what he posted in September 2010. He said he had gained control of the CSDN database after hacking into the CSDN server in April 2010.

After the incident, Beijing police punished CSDN for poorly securing its database. CSDN apologized to its subscribers and claimed that its server has been properly protected since September 2010. Hopefully this means it now encrypts the account details it stores, because chances are the organization will be hacked again at some point.

There are services such as PwnedList that keep track of online accounts that have been compromised, but I doubt this particular hack was recorded by this site. Even if you're not sure if you were one of the 6 million victims, it can't hurt to regularly change your password on all your online accounts.

See also:

Editorial standards