Massive Chinese Data Leak Exposes 8.7 Billion Records
On February 4, 2026, cybersecurity researchers revealed a major data breach involving an unsecured database containing 8.7 billion records tied to individuals and businesses in China. The exposure, discovered in early January 2026, remained accessible for over three weeks before being secured.
The leaked dataset included national ID numbers, home addresses, email accounts, social media credentials, and passwords, posing severe risks of identity theft and account takeovers. The records were stored in an Elasticsearch cluster hosted on so-called "bulletproof" infrastructure, suggesting deliberate data aggregation rather than an accidental misconfiguration.
While the database has since been closed, experts warn that malicious actors targeting China may have already exfiltrated the data. This incident underscores ongoing vulnerabilities in large-scale data handling, as China has faced multiple high-profile leaks in recent years.
Source: https://dig.watch/updates/major-chinese-data-leak-exposes-billions-of-records
RST Cloud cybersecurity rating report: https://www.rankiteo.com/company/rst-cloud
"id": "RST1770203255",
"linkid": "rst-cloud",
"type": "Breach",
"date": "1/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '8.7 billion records',
'location': 'China',
'type': 'Individuals and Businesses'}],
'attack_vector': 'Unsecured Database',
'data_breach': {'data_exfiltration': 'Possible',
'number_of_records_exposed': '8.7 billion',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['National ID numbers',
'Home addresses',
'Email accounts',
'Social media credentials',
'Passwords']},
'date_detected': '2026-01-01',
'date_publicly_disclosed': '2026-02-04',
'description': 'On February 4, 2026, cybersecurity researchers revealed a '
'major data breach involving an unsecured database containing '
'8.7 billion records tied to individuals and businesses in '
'China. The exposure, discovered in early January 2026, '
'remained accessible for over three weeks before being '
'secured. The leaked dataset included national ID numbers, '
'home addresses, email accounts, social media credentials, and '
'passwords, posing severe risks of identity theft and account '
'takeovers.',
'impact': {'brand_reputation_impact': 'Severe',
'data_compromised': '8.7 billion records',
'identity_theft_risk': 'Severe',
'systems_affected': 'Elasticsearch cluster'},
'post_incident_analysis': {'root_causes': 'Unsecured Elasticsearch cluster on '
'bulletproof infrastructure'},
'references': [{'source': 'Cybersecurity Researchers'}],
'response': {'containment_measures': 'Database secured'},
'title': 'Massive Chinese Data Leak Exposes 8.7 Billion Records',
'type': 'Data Breach',
'vulnerability_exploited': 'Misconfigured Elasticsearch Cluster'}