Hacker Leaks 1.4 Billion Tencent Records: Mobile, Email, and QQ IDs Exposed
A threat actor known as “Fenice” has unleashed a staggering 1.4 billion records containing personal information from the tencent.com database. This breach, disclosed on August 11th, involves the exposure of sensitive data, including mobile numbers, email addresses, and QQ IDs.
Fenice, the pseudonymous figure behind this breach, has a reputation for high-profile data leaks, often targeting large corporations with vast user bases. While their motivations remain unclear, their actions have consistently demonstrated a disregard for the privacy and security of ordinary users. This latest breach could be part of a broader campaign aimed at destabilizing major tech players or possibly motivated by financial gain through the sale of this data on underground markets.
The leaked dataset, weighing in at 44 GB when compressed and a colossal 500 GB when uncompressed, includes an alarming array of sensitive information. Among the exposed records are mobile numbers, email addresses, and QQ IDs—all stored in plaintext, making it an immediate and severe risk for those affected.
The exposure of nearly 1.4 billion records poses a myriad of risks, ranging from identity theft and phishing attacks to large-scale fraud. The inclusion of mobile numbers, email addresses, and QQ IDs provides cybercriminals with all the necessary tools to execute targeted attacks, potentially compromising further accounts or leading to more sophisticated social engineering schemes.
For Tencent users, the fallout could be severe, especially for those who rely on the platform for both personal and professional communications. The fact that this data was stored in plaintext indicates a significant lapse in security practices, raising questions about the company’s data protection protocols.
Investigations into the breach are currently underway. Cybersecurity experts from SecurityOnline are actively analyzing the leaked data and working to identify the origin of the attack. Tencent has yet to issue an official statement concerning the incident.
Update:
On August 14th, Tencent QQ Security Centre, as reported by Economic View, refuted the claims, asserting that hackers fabricated the situation by manipulating and exaggerating historical data.