Posts Tagged Leak

Hackers released the passwords of over 70 million Chinese internet accounts

In China, we have the biggest number of people on internet in the world.
But unfortunately our security technology is too bad to support this number one.

In these days, from Dec. 21st to 26th, some hackers have released the passwords of over 70 million Chinese internet accounts. Because most people just have one accounts, so that means over 70 million people have been leaked. Compare with our population, about 5%.

Because some hackers released the users' information of many Chinese famous websites' databases, including the usernames, passwords, email addresses and phone numbers etc. It was not very difficult to find those files and download them, I have downloaded most of them.

But what made me most surprise was almost every people around me, they didn't know this happened, some of them knew that but didn't believe until I showed them their own passwords.

I think this is very dangerous, because hackers just put the passwords in public, so anyone who wants to do some evil things, they have a lot of methods. And because most people use same passwords and same user names for all websites, so that's very easy to find out and get more information from other places like email, IM software and some eCommerce websites. What they have leaked, not only the passwords of those websites.

I don't know whether this is a big news in other foreign countries, but in China, I think it will be bigger after many people are hurt.

The websites which leaked the passwords I have confirmed were:
Facebook-like service - - 4,768,600
Leading IT development website - - 6,428,632
Twitter-like service - - 4,765,895
The biggest Chinese online community website - - 31,761,424
Popular online game community website - - 18,333,776
Popular online game community website - - 8,305,005
Popular online game community website - - 5,577,553
Other common websites -16,144,539 total

In the future may have more passwords leaked, now it's over 70 million. It's really a very huge number!

And from my opinion, they are not just the hackers' faults. Because most of those websites are using unencrypted passwords in the databases. That's why hackers can easily get users' passwords, if they put the passwords into database with MD5, hash or own-created algorithm, hackers can not get them so easily.

I even felt angry about the, as the leading IT development website in China, so many developers talk about the technologies on it, but it is also using unencrypted passwords like other websites in databases, really really shit!! Unforgivable! This is why when I saw their official apology to users I felt worse than before. I've given up it.

If you are a foreign visitor on my blog, any questions you can just ask me, I'd like to tell you what I know.

, , ,


Fork me on GitHub