Pierluigi Paganini March 23, 2020

Hackers are offering for sale on the dark web data belonging to 538 million Weibo users, including 172 million phone numbers.

Data of 538 million Weibo users are available for sale on the dark web the news was reported by several Chinese media and users on social networks.

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The dump doesn’t include Weibo users’ passwords.

The huge amount of data is available for 0.177 Bitcoin, approximately USD 1032.

“Internet users found that 538 million Weibo user records are being sold on dark web marketplace. 107 million of the whole leaked personal data have basic account information, including user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more.” reported the website PingWest.

The presence in the dump of not public users’ details, including gender and location, suggests the hackers had access to the company database.

Weibo is a popular Chinese micro-blogging (weibo) website, it was launched by Sina Corporation on 14 August 2009, it claimed over 445 million monthly active users as of Q3 2018. 

The ads published by the sellers claim that the data were stolen from Weibo in mid-2019.

The company confirmed that the data were obtained in 2019 due to credential stuffing attacks and other information gathered online. The explanation provided by the company is not convincing because the dump offered for sale doesn’t include users’ passwords.

“Phone numbers were leaked due to brute-force matching in 2019 and other personal information were crawled on the Internet,” said Luo Shiyao, Director of Information Security at Weibo. “When we found the security vulnerability we took measures to fix it. We also reported to the police as soon as possible and submit related information to them. Besides, we have been investigating the ‘gray industry’ because we take user personal information very seriously, especially their personal data contains phone numbers.”

“Don’t be credulous. Both password fields and Know Your Customer (KYC) data fields are not shown in the description. Don’t worry too much. Good night.” Luo added.

The seller also shared samples of the data that are legitimate.

The Chinese company already notified authorities about the incident, the investigation is still ongoing.

Pierluigi Paganini

(SecurityAffairs – Weibo, data Dark web)

[adrotate banner=”5″]

[adrotate banner=”13″]