No menu items!

Hacker captures all data from Shanghai’s Covid tracking app, intimate data exposed

A total of 48.5 million people have registered with the “Covid health code app” called Suishenma since it was launched in the Chinese city of Shanghai. Without this app, which displays the owner’s “health status” (in green, yellow and red colors), the individual’s freedom of movement within the city itself is massively restricted.

But data such as names, phone numbers, Chinese identification numbers, and “health code” status have now apparently been captured by a hacker and put up for sale.

Read also: Check out our coverage on curated alternative narratives

“This database contains all the people who have lived in or visited Shanghai since Suishenma’s adoption,” user XJP said in a post on the “Breached” platform, which originally asked for US$4,850 per dataset before lowering the price to US$4,000 later in the day, Reuters reports.

Hacker captures all data from Shanghai's Covid tracking app, intimate data exposed. (Photo internet reproduction)
Hacker captures all data from Shanghai’s Covid tracking app, intimate data exposed. (Photo internet reproduction)

This app is managed by Shanghai’s municipal government, which apparently did not implement sufficient security measures.

However, this also highlights the fact that such surveillance tools not only give state authorities a lot of power over an individual’s freedom of movement but also put private data at risk of being misused.

The more such data sets (name, date of birth, ID numbers, address, health status, etc.) are stored in such applications, the more vulnerable users become to data theft in the event of hacks. Not only that, but malicious hackers could also manipulate the corresponding data of individual users, causing harm to others in this way.

The purported Suishenma breach comes after a hacker said they had procured 23 terabytes of personal information belonging to one billion Chinese citizens from the Shanghai police early last month.

It is becoming increasingly clear that the global implementation of such QR code apps not only poses a threat to personal freedoms but also in terms of data protection and data integrity.

Join us on Telegram: t.me/theriotimes

Check out our other content