Domestic Banks Deny User Data Leakage
Three rows deny users
Password leak
The bank responded by saying that the core is Rumor Minsheng Bank did not rule out the prosecution of disseminating information; the Ministry of industry has intervened in the investigation of "divulge secrets".
Internet user data leakage continues to ferment.
Following CSDN, Tianya, Sina and other Internet Co, Jingdong mall, NetEase company and Alipay were also involved in the "leak door".
Yesterday, another netizen broke the news that the user data of Bank of communications and Minsheng Bank were also leaked.
At noon yesterday, there were rumors that the 70 million customers of Bank of communications, 35 million users of Minsheng Bank and the user data of ICBC were released. The leaked data included user's name, card number, password and other sensitive information, and released information screenshots.
In response, three banks yesterday issued a statement denying that there was any leakage of user data.
Industry experts also pointed out that bank card trading system can not exist plaintext passwords.
On the 28 day, wooyun, a domestic feedback platform for security issues, issued a vulnerability warning, claiming that Jingdong mall, Alipay and NetEase users were stolen. However, the three companies denied this.
Respond to
Industrial and Commercial Bank of China
Three cards are invalid cards.
ICBC responsible person said that the leak rumors were inconsistent with the reality, the bank's customer information and password is safe.
The official said that ICBC's password for customers in the system
storage
Both encryption and pmission are used. In the cooperation with third party companies, password information is required to operate on the system page.
The official told reporters that in the Internet rumors, the three cards involved in the divulging of bank user data are all invalid cards that have been cancelled.
{page_break}
Bank of Communications
Password hard encryption technology ensures security
The Bank of Communications said in a statement that the rumor was that rumors such as Bank of communications and other large numbers of users were leaking out.
According to the statement, the Bank of communications has always attached great importance to information security, adopting advanced cryptographic hard encryption technology and thorough security precautions to ensure that all customers are safe and efficient.
Finance
Service.
The Bank of communications appealed to all sectors of society to boycott rumors and reserve the right to pursue their legal responsibilities.
Minsheng Bank
Query by background system is not true.
Yesterday, Minsheng Bank was traced to 35 million user information was leaked.
"We query through the backstage system of the bank. The user name and card number in the screenshot do not exist at all."
Minsheng Bank official said yesterday that the incident will be reported to the CBRC with several other banks and will not rule out the prosecution of disseminating information.
Minsheng Bank subsequently issued a formal proof that after verification, micro-blog said Minsheng Bank customer information was leaked seriously.
Link
The Ministry of industry requires the website to check its own safety.
In response to recent information leakage incidents on some Internet websites, the Ministry of Industry issued a notice the day before yesterday, strongly condemning the theft and disclosure of user information and conducting an investigation.
The Ministry of industry and Commerce said in a circular that some recent website user information leakage incidents have seriously infringed on the legitimate rights and interests of Internet users. The Ministry of industry and Commerce has strongly condemned the theft and disclosure of user information.
At the same time, all Internet websites are required to carry out comprehensive safety self-examination.
According to the Ministry of industry and information, the website that breaches user information should do well in the aftermath, and alert users as soon as possible by way of website announcement, e-mail, telephone, text message, etc., to remind users to modify the same username and password used on this website or other websites.
If there is no leakage of user information, it is necessary to strengthen security monitoring and remind users to modify the password if necessary.
The Ministry also reminds Internet users to pay close attention to the announcement of relevant websites and change the password according to the website security tips.
Improve the security strength of passwords and modify them regularly.
{page_break}
"Leak door" should be forced to rebuild Internet industry ethics
The "leak door" completely exposes the short board of network companies ignoring user information security.
Protecting users' right to information security should be the basic survival criterion of websites.
In response to recent information leakage incidents on some Internet websites, the Ministry of industry and Commerce issued a circular on 28 days, expressing "strong condemnation" on the behavior of stealing and divulging user information, and requiring all Internet websites to conduct comprehensive safety self-examination.
After the outflow of passwords from CSDN.NET and Tianya, many netizens said that "change password to soften". However, in terms of websites, we sincerely reflect that there are people who do things in troubled waters.
According to the twenty-first Century economic report, after the leak incident, some websites took the opportunity to fish in troubled waters, and fought the idea of "naked" users. "Some websites directly import data from the open library into their user base, and also notify users to change their passwords to get users."
More "irrigation" companies actually took the account of stolen users to send "water posts" and "zombie powder".
And some companies that compete with each other accuse each other of blaming each other.
After the leak, netizens were shocked, but in some Internet companies, they had already seen a lot of strange things. One of the reasons is that there is huge information asymmetry between the two sides.
Some experts have revealed that the publicly disclosed database is just an old database that has been leaked out for a long time in the hacker trading market.
The network company knew that the database was stolen, and now apologizes and takes measures, which shows the low interest of users in their hearts.
The leak was largely due to "human disaster" - some websites sacrificed the interests of users for commercial interests.
For example, the encrypted storage of user passwords should be a common sense of operation of commercial websites. However, in order to facilitate operation and save costs, some websites have long used plaintext passwords, so that they can easily be stolen.
Another example is that websites that ban simple passwords when users are registered are not common. Some websites do not set up confidential questions, or even verify codes.
In fact, it is not difficult to achieve the above operation, only a concept that puts user interests first.
For websites that have been divulge, it is necessary to remind users to change their passwords in various ways as soon as possible. For websites that are spared, we need to strengthen security monitoring, upgrade hardware as soon as possible, and enhance the capability of anti divulge.
Nowadays, e-commerce, online payment, mobile payment and other network means are becoming more and more important. If the disclosure is expanded, it will not only be a psychological panic, but also a heavy blow to the economy.
From this point of view, for Internet companies, protecting users is to protect themselves; for the government, maintaining healthy Internet industry is also maintaining a healthy economy.
Then, according to the leak incident, the Ministry of industry and information technology only condemns and requests that it is not enough. It should also introduce more specific and practical measures and industry regulations in a timely manner, and even promote relevant legislation, enhance industry standards and supervision, and urge network enterprises to attach importance to users' information security rights and interests.
For example, in many states of the United States, it is legal liability to intentionally disclose user information.
If the leak incident can also "bad things turn good", that is to expose the short board which ignores users' information security and to rebuild the industry ethics. It will protect users' right to information security as a basic survival criterion.
- Related reading
- Consumer rights protection | 國際皮革展企業(yè)展位選播之二(保羅騎士鞋業(yè))
- Consumer rights protection | 國際皮革展企業(yè)展位選播之一(崇州基地招商)
- Consumer rights protection | 有關(guān)領(lǐng)導(dǎo)參觀中國西部皮革展
- Consumer rights protection | 中國西部國際皮革展開幕式
- Consumer rights protection | 2007成都國際采購節(jié)晚會
- Market quotation | Analysis: 500 Million People Can'T Afford Anta Sports Shoes.
- Clothes & Accessories | "Dream On The Shoe" Winning The Title
- Clothes & Accessories | Gap Hand In Hand Pierre Hardy Design New Shoes (Attached)
- Foreign trade information | European Union Finds Counterfeit Goods In Textiles And Shoes Imported From China
- Fashion posters | Group Photo: High Waist Illustration Canvas Shoes Swept The Streets Of Korea.
- Yang Shibin: The Turning Point Of Textile Industry Structural Adjustment And Quality Growth Will Become The Important Content Of '12Th Five-Year'.
- "Made In China" Is At A Time Of No Progress Or Retreat.
- New Design HOLD Live In Ice City
- In The United States, Only 1 Dollars Of Wine Is Sold In China, Why Does It Sell For 46 Dollars In China?
- Jimmy&Nbsp; Choo: I Am Chinese.
- Welcome New Year Leather City Promotion To "BMW"
- Japan Intends To Help Small And Medium Enterprises To Finance Overseas Subsidiaries
- Policies To Win Over The Supporting Enterprises &Nbsp; To Build Chongqing Garment Industry Chain.
- DAZZLE Implementation Of Quotient RFID Project
- Underwear Sold At The Original Price And Sold &Nbsp At The Original Price; Attention Should Be Paid To The Price Trap.