BreachExchange mailing list archives
1.9 million user accounts hacked at recruitment website 51Job
From: Inga Goddijn <inga () riskbasedsecurity com>
Date: Mon, 18 Jun 2018 17:58:24 -0500
https://supchina.com/2018/06/18/1-9-million-user-accounts-hacked-at-recruitment-website-51job/ Private data of more than 1.9 million users of 51Job.com, one of the largest recruitment platforms in China, were reportedly found for sale on the dark web, according to <https://www.thepaper.cn/newsDetail_forward_2198458> (in Chinese) The Paper. Judging from sample information provided by the hackers, the breach gave hackers access to usernames, passwords, email addresses, real names, and identity card numbers. The whole package of data from 1.95 million users could be purchased for 12 bitcoin (around $80,600 at today’s rates). On June 15, 51Job.com confirmed the leak, but said that its database had not been hacked but rather that the hackers stole the information from other sources and then “tested” them on its platform. 51Job.com did not elaborate on the source of the stolen data but hinted that the incident was associated with a massive data breach of NetEase’s email service in 2015. “It’s very likely that some hackers reused the data, trying to log in with those email addresses and passwords,” an employee at 51Job.com told the reporter, adding that the website had already implemented a series of security measures to prevent potential data leaks, and the user accounts affected this time are mostly idle ones that hadn’t installed new protection features. There has been no independent confirmation of 51Jobs.com’s account. Last week, Chinese video-sharing website AcFun also fell victim to hackers, who claimed that they had acquired account data of millions of users. On June 12, the website started negotiating with the attackers after they released some of the hacked data. The story then took an unexpected turn on June 14 when the hackers apologized and announced <http://www.yxdown.com/news/201806/403820.html> (in Chinese) they would delete all the data they obtained due to AcFun’s earnest persuasion.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- 1.9 million user accounts hacked at recruitment website 51Job Inga Goddijn (Jun 19)