Serious Security Leak Events of 2011
2012 is coming! However, 2011 did not pass safely: several major internet security incidents occurred. Security used to be mostly a concern of some large groups, but it is now being considered by more and more people. In this article I would like to list some security leaks that had a huge effect on people.
Sony - One of their paid services, PSN (PlayStation Network), was hacked in April, which led to the private info of over 77 million clients leaking to the internet. This includes user names, addresses, credit card numbers etc. However, Sony only responded 3 weeks later, and the repair work continued for over 5 weeks. The hack caused a $170 million loss for Sony. (This event was mentioned in our previous post "Top 7 Tech fails of 2011")
The second event happened in South Korea, where a "surf in real name" policy is deployed by the government. In late July, many of the country's popular websites were attacked. This attack leaked the private data of over 35 million people. Right after this attack, the Korean government decided to give up the "real name" policy gradually.
The last entry is China. Just last week, several famous Chinese websites were attacked, leaking the data of over 50 million users to the internet. Some of the popular websites involved in this event:
CSDN.net - This website is billed as the largest programmer center in China, with over 90% of programmers registered on it. On 12-21-2011, one of its database backups was uploaded to the public internet for download. This database backup included over 6 million user registrations. The bad thing is that all the data is in clear text, not encrypted!
Renren.com - It's called the Chinese "Facebook" and is by far the most popular social network website in mainland China. At almost the same time as the CSDN attack, this website leaked the data of over 10 million users.
Dangdang.com - One of the most popular online shopping websites in China. On 12-28-2011, their database of 12 million users was hacked and put up for sale on the black market.
Other popular websites such as xiaonet.com, duowan.com etc. were also attacked, leaking user info.
From the current reports, it seems these events are still ongoing with no end in sight! Anyone there who wants to register or purchase something online will have to think twice about the potential security risk. A decrease in online sales is expected in that area.
What should the websites' owners do?
As you can read above, the website management team has to take responsibility for such security leaks. A user data leak can lead to private information being used illegally and creates legal obligations toward the victims. It's unimaginable what kind of problems it will bring to people. Website owners must try their best to protect such information and sign a compensation agreement with users in case a problem occurs.
How to deal with such problems as an end user?
Since the internet is made by people, everything is possible. We should keep our private data secure. Unless it's a MUST, we should not post our real info on the public web. Also, make a strong and complex password for your website logins and change it often. In a word, think twice before you connect to the internet, and keep your eyes open while you sleep (just kidding).