2025-02-26 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
We will soon say goodbye to 2018. Over the past year, although the overall security of the Internet has improved, there have been several high-profile waves of user information being stolen and leaked by hackers. Now let's take a look at the 10 most-watched hacking incidents of 2018.
1. Facebook: 87 million user data leakage
On March 17, 2018, the New York Times first exposed Cambridge Analytica's use of Facebook users' personal information without permission. The incident immediately caused an uproar, and the British High Court then authorized a search of the organization involved, marking the start of a judicial investigation into the incident.
Facebook publicly responded to the secret use of personal data without users' permission, admitting that Cambridge Analytica had improperly used the private information of 87 million users without authorization, which was also denounced by foreign netizens. The storm was not over: in September, Facebook again announced that hackers had obtained information about 30 million Facebook accounts using 400,000 accounts under their control. They could log in to these users' personal homepages and take away the data they wanted without entering a password.
In response to these successive crises, Zuckerberg, the head of Facebook, said that, first, the loophole exploited by the hackers had been closed and users could continue to use the service; second, the company had stopped secretly using user data; and finally, he begged users around the world for forgiveness. No compensation was mentioned, which left users very upset. "Delete Facebook" became a popular hashtag for a time.
Since the privacy crisis broke out at Facebook in March, the company's share price has evaporated by $59 billion. To make matters worse, shareholders jointly asked Zuckerberg to give up his power (to resign as CEO). At the same time, the parliaments of many countries asked Zuckerberg to attend hearings on the theft of users' information, all of which were rejected.
2. AcFun: 9 million user data leaks
In the early morning of June 13, 2018, the AcFun bullet-screen video site (hereinafter referred to as "Station A") suddenly announced that about 800-10 million of its user data had been stolen by hackers. Station A stressed in the announcement that users who had not logged in since July 7, 2017 and users with weak passwords needed to change their passwords immediately, and that any passwords matching the one used on Station A should also be changed.
The user information stolen in the attack on Station A was quickly put up for sale on the dark web (also known as the deep web or invisible web), with 9 million pieces of user data offered at a price of 400,000 yuan. Buyers who questioned the authenticity of the information could test samples at random, which had a great impact on users. In fact, as early as March this year, someone on a dark web forum was publicly selling first-hand AcFun user data, as many as 8 million records, but at a price of only 12,000 yuan, so that on average 1 yuan could buy 800.
To protect users, Kuaishou, which had acquired Station A, said immediately that it fully supported Station A with technology and funding to improve its security capability, and that the data security of users must be ensured to avoid similar incidents. Station A then upgraded its system security level, carried out comprehensive hardening of the AcFun servers, and upgraded its technical architecture and security system to ensure that such a serious leak would not happen again.
3. Huazhu's hotel chains: 240 million check-in records leaked
On August 28, 2018, check-in data from several Huazhu hotel chains suddenly appeared for sale online, which aroused widespread concern among users. After all, the data involved 500 million pieces of users' personal information and check-in records, and the leaked data contained a lot of private information, such as identity card numbers, home addresses and bank card numbers.
Later, Huazhu officials confirmed that the check-in data of the hotels' users had been put up for sale, called on the sellers to stop immediately, and conducted internal checks on more than 3,700 hotels in more than 370 cities in the country, which shows how serious the user data leak was.
After investigation, 240 million pieces of user data (66.2G) were found to have been leaked, namely hotel check-in records, as well as about 130 million pieces of check-in identity information (22.3G in total) and 123 million pieces of official website registration information (53G in total). In these data, the user's name, bank card number, mobile phone number, e-mail address, room owner, home address and other core information were leaked.
As for how Huazhu hotel users' check-in information was leaked, security personnel concluded that Huazhu programmers had uploaded the database connection details and password to GitHub, and that hackers took advantage of this to attack the Huazhu hotel database and dump its contents.
4. Marriott Starwood: disclosure of user information of 500 million customers
Like Huazhu, Marriott, a well-known hotel chain, was caught in a situation where user data was stolen by hackers. On November 30, 2018, Marriott announced that its Starwood hotel reservation system had been hacked since 2014, exposing the user information of about 500 million customers. After the news, New York University professor Capps said Marriott had been using the wrong security system for the past four years, which was the main cause of the incident.
After review, it emerged that in the information of the 500 million users leaked by Marriott, core information such as the user's name, address, phone number, e-mail address, passport number and credit card was all leaked, which makes the incident very serious. Subsequently, the attorneys general of five US states and the British Information Commissioner said that they would thoroughly investigate the matter and hold Marriott accountable.
A US litigation group filed a lawsuit against Marriott on behalf of many consumers, claiming as much as $12.5 billion (equivalent to only $25 for each of the 500m users whose data may have been stolen). The main reason for the claim is that Marriott failed to keep up the security of its systems over the past four years, resulting in such a malicious leak of user data. Marriott is still assessing the impact of the leak, and it is not clear whether compensation will follow.
5. Yuantong: 1 billion pieces of user information data are sold
On June 19, 2018, a user with the ID "f666666" openly peddled 1 billion pieces of Yuantong courier data on the dark web, which aroused widespread concern. According to the seller, the data date from late 2014. The data, including the name, telephone number and address of the sender, were said to be sold in bulk by Yuantong insiders (as long as the express order information had been entered into the computer, they could get it).
Subsequently, some netizens verified part of the data and found that the names, telephone numbers, addresses and other information in the purchased "order number" data were genuine. Yuantong officials said the matter was under investigation, but did not acknowledge whether the data came from inside the company, saying only that its technology department used a variety of technical means to prevent information from leaking out and to improve security.
At the prices of the time, buyers could get the personal information of 1 million Yuantong Express users for as little as 430 yuan (1 billion pieces of data for 1 bitcoin), while 1 billion pieces of data cost about 43,000 yuan. Given that so much user information could be leaked, and with such high accuracy, it is generally believed that the source was senior staff inside Yuantong.
According to the seventh amendment to the Criminal Law, the crime of selling or illegally providing citizens' personal information is punishable by fixed-term imprisonment of not more than three years or criminal detention, together with or solely with a fine. Postal and express delivery enterprises need not only security measures but also an improved management system to put an end to the leaking of express bill information from within the company.
6. Shunfeng: 300 million pieces of user information data are sold
At the end of August 2018, a user with the ID "bijiaodiao1688" was openly selling SF Express data involving 300 million user records at a price of 2 bitcoins, including the names, addresses and telephone numbers of senders and recipients. To prove the accuracy of the data, the buyer could choose to "inspect" the goods first: 100,000 pieces of data for a fee of 0.01 bitcoins.
According to the market price of about US $66.66 per Bitcoin at that time, the 300 million user records were worth 92,000 yuan, and at least 900,000 pieces of suspected SF Express users' personal information went onto the market. Judging from feedback from some anonymous users who tested the data, 50 records selected at random had an accuracy rate of more than 90%, which is still very frightening.
In the face of the 300 million leaked user records, SF responded immediately, emphasizing that as early as July 2018 it had noticed the information posted by dark web users and obtained the data in question, and that verification showed these were not SF data. Officials denied that the leaked data came from inside SF, and the authorities did not say where the leak came from. CCTV had previously reported that in May 2018 SF employees deliberately leaked inside information to make a profit.
As for the final outcome of the matter, SF did not provide timely information, but according to its statement, as soon as the matter came out it reported the case to the relevant departments, demanding a thorough investigation into who the leaker was and where the leak came from.
7. 51 job: 1.95 million personal resumes are leaked
On June 16, 2018, someone began peddling user information from the recruitment site 51 job, involving 1.95 million resumes, on a dark web site, before 51 job confirmed that some users' passwords had been hit.
To confirm the authenticity of the leaked data, 51 job conducted some tests and found that the information was genuine, but officials stressed that the vast majority of the data came from account passwords leaked from e-mail services and belonged to accounts registered before 2013. 51 job stressed that this was not a database dump; rather, malicious users took these leaked e-mail accounts and passwords, tried them against the corresponding site to find matches, and then deliberately resold the results.
Finally, 51 job did not want to disclose which e-mail service provider was involved, saying only that the users who registered in 2013 had changed their account passwords in time, and that it had upgraded the security level of its database to prevent similar situations from happening again.
8. Under Armour: 150 million user information disclosure
Under Armour, a US sports brand, said on March 30, 2018 that its fitness app MyFitnessPal had been hacked due to data vulnerabilities, leaking the data of 150 million users, including user names, e-mail addresses and passwords. Officials stressed that the leaked data did not include more private information such as driver's license numbers, credit card numbers and identity information.
MyFitnessPal, a company acquired by Under Armour that mainly provides exercise and healthy diet guidance services, is popular in North America, with nearly 200m users at its peak. When it was reported that the information of 150 million users had been stolen by hackers, Under Armour officials said they immediately asked MyFitnessPal users to change their passwords.
9. MyHeritage: 92 million user information disclosure
Compared with other user information leaks, the consequences of a MyHeritage leak could be very serious. This is a website for family genealogy and DNA testing, where user information contains not only private information but even personal DNA test results.
In early June 2018, MyHeritage announced that its website server had been attacked and that the attacker had obtained the information of more than 92 million users, including e-mail addresses and hashed passwords. Officials stressed that the data did not contain payment card information or DNA test results, and MyHeritage also said that user accounts were secure because passwords are hashed using a key unique to each user. To fully address the attack, the site ultimately enabled two-factor authentication (2FA): even if a hacker managed to crack a hashed password, without the verification code required in the second step, that first step would be useless.
10. Panera Bread: 37 million user information disclosure
Panera Bread, the largest US bakery chain, said on April 4, 2018 that its website panerabread.com had leaked information about 37 million users, and to make matters worse, the leak had been going on for more than eight months before the official announcement.
Subsequently, the security agency KrebsOnSecurity said that it had discovered the loophole in the Panera Bread website as early as August 2, 2017, and that the company did not fix it in time after being informed, so the result was serious.
It is reported that the Panera Bread website leaked customer records in clear text, and that these records could be searched and crawled by automated tools without much difficulty. The ultimate harm may be that some membership card numbers with high credibility are abused by cyber criminals to buy food on credit, or to otherwise extract value from these accounts.
© 2024 shulou.com SLNews company. All rights reserved.