Tech

Hacker Leaks Mountain of Files From Inside Xinjiang Camps

The data includes images of thousands of Uighur detainees, police presentations, and images of training exercises.
Xinjiang hack
Image: Victims of Communism Memorial Foundation
Screen Shot 2021-02-24 at 3
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.

A hacker or group of hackers has obtained a massive cache of data from the computer systems of Xinjiang concentration camps, according to a large-scale journalistic collaboration between media outlets and the academic who led the research initiative.

Although the exact contours of the hack itself are unclear, the news signals the sort of highly sought-after information that hackers sometimes obtain and share with journalists and researchers. This comes in a time when hacktivism is going through something of a resurgence, with targets including U.S. police department files and Russian entities over the country’s invasion of Ukraine.

Advertisement

“This is the first hack that I know of,” Dr. Adrian Zenz, director and senior fellow in China Studies at the Victims of Communism Memorial Foundation, who initially obtained the files before sharing them with journalists, told Motherboard in an online chat. Other articles have been based on data related to the Xinjiang region, such as a January 2021 The Intercept report based on a leaked massive Chinese police database, but as Zenz notes, these were not explicitly labeled as coming from a hack. 

Do you have any data or documents related to Xinjiang? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.

Zenz added in a tweet on Tuesday that the files were obtained by someone “hacking into Xinjiang police/re-education camp computers.” The BBC, which was one of the outlets that Zenz shared the data with, wrote in one piece of its own coverage that an anonymous source had claimed to “have hacked, downloaded and decrypted the files from a number of police computer servers in the Xinjiang region.”

The files themselves include photos of 2,884 detainees, police training presentations and images of security drills, security directives, and speeches that the researchers say are by leading Chinese officials.

The speeches “show that the leadership demanded security forces to open fire on persons seeking to escape detention, or on those who dared to resist the state,” a description on the Xinjiang Police Files website reads.

“These findings are significant because they provide us with frank policy implementation directives along with the thought processes and intentions that made them a reality,” Zenz added in a statement issued on Tuesday. “This gives an unprecedented look into the personal attitudes of Chinese authorities and the personal involvement of Xi Jinping. Documents with this kind of insight have never before been published, and their revelations are very disturbing.”

The outlets that participated in the collaborative effort including Der Spiegel verified the files by, among other things, geolocating photos included in the dataset.

Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.