Millions of website passwords posted online in hacker attack
By Xu Chi |
December 27, 2011, Tuesday
|
Print Edition
Print Edition
HACKERS have posted details of more than 90 million user profiles from Chinese online forums and social network sites on the Internet, it was reported yesterday.
Among them were 40 million user profiles complete with user names and passwords from Tianya.cn, one of China's biggest online forums, which has more than 60 million users.
Meanwhile, many users of China's microblogging services have been complaining that their profiles are being abused by hackers who kept sending out advertising messages yesterday, the first day that Shanghai required new users to register with their real names.
The incidents follow a serious user information leak last week when more than 50 million user profiles from several Chinese sites were uploaded online after hackers attacked the websites and harvested the information.
The leak sparked doubts among users about the wisdom of the real name policy which has been adopted in many other major cities across the country, including Beijing.
"In a country where online security systems are not strong enough to block hackers from stealing user profiles, will the real name registration only put our privacy in danger?" was one complaint echoed by many other users.
After the latest hacker attack, Tianya.cn e-mailed users on Sunday apologizing and warning them to change their passwords to those with more complicated combinations of numbers and letters.
The popular forum published an announcement saying that the security breach was caused by an outdated security measure widely used in 2009, which recorded all users' passwords in a database but did not disguise them by using codes or symbols.
The old method of recording passwords was also blamed for a leak at csdn.net, which claims to be the world's biggest IT forum, last Wednesday.
During the attack, about 6 million profiles were stolen from the website's database and made public. The website says it is using strengthened measures to ensure profile safety.
More profiles were later found online, including 20 million from 7k7k.com and 8 million from duowan.com, both gaming sites, and 5 million from SNS website renren.com, the newspaper said.
On Weibo.com, users were also complaining that their accounts were being hacked and they were repeatedly being asked by the system to change their passwords.
Some microbloggers complained they had to change their account passwords every time they tried to log on, while others said their accounts were being used by people in other areas of the country.
Weibo officials said that some microbloggers used the same user names and passwords at many other forums or websites, so when their profiles were leaked from one, their other accounts were also being hacked at the same time.
Giving some advises, Weibo officials said that users should use different profiles at different websites and link their accounts to cell phones so they can be warned whenever passwords are changed.
Among them were 40 million user profiles complete with user names and passwords from Tianya.cn, one of China's biggest online forums, which has more than 60 million users.
Meanwhile, many users of China's microblogging services have been complaining that their profiles are being abused by hackers who kept sending out advertising messages yesterday, the first day that Shanghai required new users to register with their real names.
The incidents follow a serious user information leak last week when more than 50 million user profiles from several Chinese sites were uploaded online after hackers attacked the websites and harvested the information.
The leak sparked doubts among users about the wisdom of the real name policy which has been adopted in many other major cities across the country, including Beijing.
"In a country where online security systems are not strong enough to block hackers from stealing user profiles, will the real name registration only put our privacy in danger?" was one complaint echoed by many other users.
After the latest hacker attack, Tianya.cn e-mailed users on Sunday apologizing and warning them to change their passwords to those with more complicated combinations of numbers and letters.
The popular forum published an announcement saying that the security breach was caused by an outdated security measure widely used in 2009, which recorded all users' passwords in a database but did not disguise them by using codes or symbols.
The old method of recording passwords was also blamed for a leak at csdn.net, which claims to be the world's biggest IT forum, last Wednesday.
During the attack, about 6 million profiles were stolen from the website's database and made public. The website says it is using strengthened measures to ensure profile safety.
More profiles were later found online, including 20 million from 7k7k.com and 8 million from duowan.com, both gaming sites, and 5 million from SNS website renren.com, the newspaper said.
On Weibo.com, users were also complaining that their accounts were being hacked and they were repeatedly being asked by the system to change their passwords.
Some microbloggers complained they had to change their account passwords every time they tried to log on, while others said their accounts were being used by people in other areas of the country.
Weibo officials said that some microbloggers used the same user names and passwords at many other forums or websites, so when their profiles were leaked from one, their other accounts were also being hacked at the same time.
Giving some advises, Weibo officials said that users should use different profiles at different websites and link their accounts to cell phones so they can be warned whenever passwords are changed.
- About Us
- |
- Terms of Use
- |
-
RSS - |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.
