A huge dataset has been discovered unsecured online by researchersThis contained roughly 4 billion records - including personal informationThe data could potentially be part of a surveillance effort targeting Chinese citizensAn open instance containing "billions upon billions” of exposed records has been discovered online by cybersecurity researchers - and millions of people could be at risk as a result.Researcher at Cybernews worked with cybersecurity researcher and owner of cyber risk and data protection site SecurityDiscovery.com to uncover a huge database without a password, leaking 631GB of information, equating to roughly 4 billion records.The dataset primarily consists of Chinese customers and users from a range of different sources, in what the Cybernews research teams believed is a “meticulously gathered and maintained” database designed to build “comprehensive behavioral, economic, and social profiles of nearly any Chinese citizen.”Save up to 68% on identity theft protection for TechRadar readers! TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal.Preferred partner (What does this mean?)View DealA surveillance effortThis could be part of a surveillance project, researchers argue, and there are plenty of ways that a threat actor could exploit this information, such as social engineering attacks, identity theft, fraud or even blackmail.“The sheer volume and diversity of data types in this leak suggests that this was likely a centralized aggregation point, potentially maintained for surveillance, profiling, or data enrichment purposes,” the team observed.The instance was “”quickly taken down” after it was discovered, but it’s not known how long it was open for. Unsurprisingly for suspected surveillance data, the information contains PII like full names, dates of birth, and phone numbers, as well as financial data like card numbers, debt and saving information, and spending habits.The largest collection of records most likely came from WeChat, a Chinese alternative to WhatsApp, with over 805 million records exposed.Close behind was a collection of residential data “with geographic identifiers” with 780 million, and a collection named “bank” of 630 million records, primarily with financial and personally identifiable information.If this data breach is as large as it seems, it contains over a billion records more than the National Public Data breach, which was recently reported as one of the largest data breaches ever.You might also likeTake a look at our picks for the best malware removal software aroundCheck out our choice for best antivirus softwareBillions of credentials were stolen from businesses around the world in 2024