
One of China’s largest data leaks exposed names, ID numbers and sensitive information about citizens, including medical, financial and educational records.
The data breach affected companies including Weibo, DiDi, JD.com, banks and medical institutions. In total, 1.5 billion records were leaked, including full names, addresses, phone numbers, medical and financial data, and traffic information. Researchers discovered vulnerable Elasticsearch servers that had been open for months. In particular, the JD.com and DiDi records contain data that was not previously covered by the leak. They even contain records of Communist Party members and “friendly countries.” This data poses significant risks to victims, including identity theft, financial fraud and phishing attacks.
Data breaches are an ongoing problem in China, but this case is unique in scale: in 2024, the Shanghai General Police Headquarters (SHGA) suffered a data breach that affected 1 billion citizens. However, the servers discovered this time most likely hold a mix of old and new data, which may indicate malicious intent.
The leak is a disturbing reminder of the vulnerability of data in the digital age. Although the servers have already been shut down, the scope of the potential damage is enormous: 1.5 billion citizen records, including medical, financial and transportation data, were leaked through unsecured servers, creating the risk of financial fraud and identity theft.