The Chinese Ministry of Public Security Data Breach on GitHub

A massive data breach originating from iSoon (also referred to as Anxun), a private industry contractor of the Chinese Ministry of Public Security (MPS), has surfaced on GitHub. The breach included a substantial amount of sensitive information, potentially impacting various facets of espionage operations. The data in the alleged MPS leak had mixed contents, including but not limited to spyware, details on espionage operations, and even references to a purported “Twitter Monitoring Platform”. The breach mirrored the magnitude of the NTC Vulkan leak, indicating the severity and potential consequences of the incident.

The Cyber Express team has been investigating the breach and has found that the leaked information included a multitude of conversations, reports, official government plans, articles, phone numbers, names, and contact information spread across thousands of folders within the logs. The actor responsible for the leak organized the data into distinct sections, including complaints from employees, financial issues, chat records, product information, and discussions about infiltration into overseas government departments.

The logs date back to 2018 and cover a large amount of sensitive information involving multiple vendors from China and other nations. The leaked messages also revealed exchanges between various entities, shedding light on potentially sensitive conversations and operational details. While the specifics of these exchanges remain under scrutiny, they hint at the complexity and extent of the breach.

The Cyber Express has reached out to the Chinese Ministry of Public Security for comment on the breach, but as of now, no formal acknowledgment or clarification has been provided, leaving the claims surrounding the Ministry of Public Security breach unconfirmed.

The leak comes against a backdrop of increased APT cyberattacks on China. In 2023, 360 Security Group’s annual cybersecurity report revealed over 1,200 APT attacks on China by 13 foreign organizations, primarily from North America and Asia. These attacks spanned 16 industries, with education being the most targeted. APT organizations, often state-backed, posed threats beyond espionage, potentially paralyzing a nation’s infrastructure.

The Cyber Express assumes no liability for the accuracy or consequences of using this information. The report is based on internal and external research obtained through various means and is provided for reference purposes only. Users bear full responsibility for their reliance on it.
