A user identified as USDOD posted on a dark web forum, Breached, claiming to have a list containing the personal information of 2 million members of the Communist Party of China (CPC). The user shared a CSV file link purportedly hosted on their own content delivery network (CDN). According to the post, the dataset includes sensitive information such as:

  • Fields: ID, Name, Sex, Ethnicity, Hometown, Organization, ID Card Number, Address, Mobile Number, Phone Number, Education.
  • Sample Data: The post provides example entries showing detailed personal information.

Method:
The user explicitly stated that they did not breach any systems but had been holding onto this data for several months, suggesting it may have been obtained from a third-party source or through alternative means.

Data Format:

  • CSV file format.
  • Contains various fields indicating comprehensive personal details of CPC members.

Noteworthy Aspects:

  • The post claims that this is the first database hosted on the user's own CDN, implying a high level of technical skill and resources.
  • The data was openly shared on the forum without any apparent financial motive or demand.

Threat Actor Profile

Alias: USDOD
Forum Alias: Equation Corp.
Reputation: High, with 881 reputation points on Breached forums.
Activity: Active since July 2023, with 113 posts and 33 threads, indicating a well-known presence within the community.

Motivation:
The user's statement, "Everyone knows that I don’t support any gov and this is more than a message," implies a possible ideological motivation, particularly a stance against governmental institutions, rather than a pursuit of direct financial gain.


Impact Analysis

Potential Impact:

  • Political Sensitivity: The leak could have significant political ramifications, exposing the identities and personal details of CPC members, potentially endangering their safety and privacy.
  • Diplomatic Tensions: Such a leak could strain international relations, particularly between China and other countries where the data may be used or disseminated.
  • Data Misuse: The information could be exploited for identity theft, blackmail, or targeted attacks against individuals listed.