Chinese spammers suffer Hong Kong hack attack and personal data leak

Before they could spam anti-extradition protest forum LIHKG, the tables were turned and their personal details were leaked online

  4106
Online posters calling to spam "Hong Kong independence" groups (Source: Di Bar)

Online posters calling to spam "Hong Kong independence" groups (Source: Di Bar)

TAIPEI (Taiwan News) – Chinese netizens on Di Bar (帝吧), a subforum in Baidu Tieba (百度貼吧), have been calling for spam attacks on the Hong Kong forum LIHKG (連登) but saw instead their personal information leaked by Hong Kong netizens on Tuesday (July 23), Hong Kong Economic Times (HKET) reports.

LIHKG has been an important source of information during the ongoing anti-extradition protests. Di Bar users have already mounted spam attacks on the Facebook pages of the Hong Kong National Front and Civil Human Rights Front, flooding comment areas with anti-Hong Kong independence messages written in simplified characters.

Organizers of the spam attacks, however, called for a halt after their personal information, including photos, addresses, phone numbers, social media accounts, and bank accounts and balances were revealed online. Even their university entrance exam scores were made public by unknown Hong Kong hackers sharing these personal details on LIHKG.


Leaked personal information of Di Bar's user (Source: LIHKG)

Some of the Chinese netizens even found themselves joining the military “voluntarily.” The Hong Kong hackers had used the leaked information to apply for so-called “arduous task force” duties and reported victims' religion to be “Islam,” a religion whose believers are subject to mass surveillance and regular police harassment in China.


Personal information used for enlistment, with religion declared "Islam" (Source: LIHKG)

HKET pointed out that everything on the internet is real-name or ID-based in China, meaning that it is easy for companies or hackers to gain access to all of the personal information with just a name, phone number, or social media account. The result is that “human flesh searching” (肉搜/起底) or "doxxing" became much easier, showing the lack of privacy protection in China.

Victims of the Di Bar leak asked for online advice as to whether they should report the hacks to the police or not. Yet, since they would effectively have to admit that they have engaged in “climbing the wall,” (翻牆) or circumventing governmental internet censorship, many hesitate to seek help from authorities.