On July 8, a screenshot of a dark web post offering more than 220 million pieces of user information circulated on the Internet. The leaked data is suspected to include user account numbers (UIDs) and mobile phone numbers, and the asking price is 0.5 bitcoins or 17.72 ethers.
Currently, one bitcoin is worth about $22,000 and one ether is about $1,200. In other words, the data is being sold for nearly $11,000.
According to the screenshots circulated from the dark web, the post was published in the early morning of July 6. The owner of the post claimed that “China youtube [Bilibili] data leaked 2.3MM”, and gave the number of records as 221,223,698, including UIDs and mobile phone numbers. In addition to the small amount of data shown in the post, the post owner provided sample data totaling over 500,000 rows.
According to Southern Metropolis Daily, which randomly selected some of the sample data for verification, the UIDs basically correspond to Station B accounts, while some of the corresponding mobile phone numbers are empty and some can be connected, but it has not yet been confirmed that a mobile phone number and its UID point to the same user.
Today, the relevant person in charge at Station B said that the online information about a “suspected user data leakage” is completely untrue. After a comprehensive technical investigation, analysis and comparison, the company confirmed that the leaked data circulating on the Internet was wrong information.
It is reported that UID is short for user identification. It is a numeric ID assigned directly by the system when the user registers, and it is public data. At present, on the homepage of each Station B user, the UID is clearly shown in the “Personal Information” column.
In addition, according to a reporter from the Times Weekly, citing people familiar with the matter, the suspected leaked data is probably a combination of users’ public UID information and wrong mobile phone numbers, which created the illusion of a leak.
According to industry analysts, if only the UID and mobile phone number are leaked, the first reason is that the website has vulnerabilities, which may be on the platform side or in a third-party interface, causing the data to be “dragged into the library” (that is, after the site was compromised, hackers stole its database files). The second reason may be that an internal computer of the platform has a virus and is controlled by hackers, or that the UIDs and mobile phone numbers were leaked in the process of processing and backing up.
In the past two years, leaks of corporate employee information have also occurred frequently.
According to Dimensional Research, more than 80% of companies experienced identity-related data breaches in 2021.
Leifeng.com noticed that, not long ago, several platforms were reported to have problems such as stolen user accounts and leaked personal information, including the large-scale theft of Tencent QQ accounts and the suspected leak of Xuetong user data…
On June 26, the large-scale QQ account hacking incident quickly became a trending topic on Weibo.
According to the topic, a large number of users reported that their own accounts, or those of friends, family members and colleagues, had been stolen, and suspected that criminals had launched a new round of attacks. The stolen QQ accounts automatically posted spam messages in groups, causing the account owners to suffer “social death”, and some netizens tried to retrieve their accounts through appeals to no avail.
In this large-scale data leakage incident, some netizens reported that the account theft was suspected to come from a credential stuffing attack, and that most cases occurred among students. Clicking on the link in a spam message will also cause the account to be stolen.
Judging from the reports, the leakage incident has affected a wide range of users. There is feedback from Android, HarmonyOS and iOS users alike, and from users in various provinces and regions. The main symptom is that the stolen account automatically sends indecent images and gambling and sexual content to friends and groups. At present, Tencent has not responded yet, and the source of the leak is not understood for the time being.
In response, Tencent QQ’s official Weibo account stated that the main reason was that users had scanned a game login QR code forged by criminals and authorized the login. “At present, we are collecting and sorting out criminal evidence of black production gangs, and we will cooperate with relevant departments to carry out work as needed to protect the legitimate rights and interests of the platform and users.”
It is worth mentioning that in May this year a large number of netizens also reported that their QQ accounts had been stolen and used to send vulgar links to friends and QQ groups. These ads have different backgrounds, but they all point to the same URL.
Besides QQ, Xuetong, which is used by millions of college students, has also been reported to have suffered a large-scale database “dragging” incident.
On June 21, a screenshot suddenly appeared on the Internet and quickly spread widely on major platforms. The screenshot showed: “Selling Learning Pass Data”, “A total of 172.73 million pieces”, “10.76 million passwords included”, “12,000 RMB”.
Subsequently, the M78 security team publicly claimed that the database information of the college student learning software Chaoxing Xuetong was being publicly sold by hackers through illegal channels, and that the specific situation was not yet known. The peddled data included 172.73 million pieces of information such as name, mobile phone number, gender, school, student ID, and email address.
At the same time, a large number of Chaoxing Xuetong users said on Weibo that they had received messages and calls from mobile phone numbers in other places, and some users even reported that they had received a fraudulent call from overseas a few days earlier, in which the caller could recite their ID number and knew that they had Alipay student certification.
Many netizens have also posted notices about the Xuetong database leak issued by major colleges and universities. The notification shows:
After receiving an important notice from the education network, it is confirmed that the Chaoxing Xuetong database has been dragged. It is confirmed that the leaked data contains 1,772.73 million pieces of information such as institution name, school, student number, mobile phone number, gender, password, and email address. A large number of colleges and universities across the country are involved, and the emergency safety response is A-level. If your password for any other system is the same as your Chaoxing Learning Pass password, please change it to a new password as soon as possible to prevent credential stuffing from causing more harm to yourself, and beware of fraud.
According to media reports, a large number of schools are suspected to be involved in the leak of the Xuetong database, including not only colleges and universities across the country, but also a number of kindergartens, primary and secondary schools and other educational institutions. It is reported that in this kind of database dragging, the user information saved on the software’s internal server is believed to be packaged and downloaded, and then used to “bump the library” (credential stuffing) against the users’ accounts on other systems, that is, trying combinations of name and password one by one until the password of the user’s other account is cracked.
But soon, Xuetong issued a statement saying that Xuetong does not store user passwords in plain text and adopts one-way encrypted storage, so in theory user passwords will not be leaked. With this technical measure, even internal employees of the company (including programmers) cannot get the password in plaintext. The company confirmed that online rumors that passwords had been leaked were untrue.
Data leakage incidents often occur not only in China but also abroad.
Previously, Colonial Pipeline, the largest U.S. fuel pipeline operator, was also hit by a cyber attack, lost control of most of its oil pipelines, and was forced to shut down 5,500 miles of fuel pipelines.
In fact, the frequent occurrence of these data leakage incidents has brought great attention to data security issues.
A security industry practitioner said, “The value of data has become higher today, and the degree of digitalization of enterprises has also increased, resulting in a larger scope of impact after an attack. In the past, when a system was attacked, it had little impact on production, and matters large and small were dealt with quietly, often silently. Now that business is more dependent on digitalization, an attack will directly affect the business, and even lead to the shutdown of production and operation, which will have a greater impact at the public level.”
This article is reprinted from: https://www.leiphone.com/category/industrynews/yNtN1varvGvqjHyL.html