7 days Hotel was stolen by hackers online hawking

This newspaper published a reporter investigation report, "7 days Hotel database stolen hackers online hawking member data" (hereinafter referred to as "7 Days"), 7 days Hotel issued a public statement, said the content of the report is seriously untrue, 7 days member database has not been stolen. However, whether it times reporter last week's report, or this week's follow-up interview, there is evidence that the seven-day membership database, including membership card number, mobile phone number, e-mail and other information, is indeed out.

7 Days Hotel in the public statement, accusing our correspondent "citing Anonymous information," "is a netizen Weibo on the ' A chain of hotel member information leaked ' screenshot of the tracking report, and verified with 7 days without any relationship," the department is not true report. But in fact, in the 1-month interview, the IT Times reporter from more than "hackers" to obtain clear evidence, the 7-day member database has been "brush Library", the reporter to obtain some data information after verification, confirmed its 7-day membership information. April 14, in a reporter's follow-up interview, a 7-day member to the IT Times reporter confirmed that the database of a string of membership card number is its.

In the article "7 Days", it was mentioned not long ago that hackers through the SQL leak again into the 7-day database "Brush Library" success, in the "7 Days" in the Interview "Tai Bo", has also been the first time to 7 days Hotel reports on its website loopholes, although 7 days the hotel denies this, but in fact this loophole, Disclosed on the same month's vulnerability reporting platform--wooyun. More than one technical person told reporters that the SQL injection vulnerability is one of the reasons why the 7-day Hotel database was stolen.

7 days Hotel In the statement also pointed out that "there have been network security vendors and 7 days to contact to seek cooperation, but 7 days finally did not reach a partnership; Do not rule out this news hype and commercial interests." ”

However, in writing the article "7 Days", in order to avoid some unnecessary trouble, the IT Times reporter did not have contact with any network security vendors, but after the main content of the article, interviewed the security company McAfee technical staff, asked him to the corporate web site security and database security recommendations. Not like the 7-day hotel speculation, this reporter and a network of security manufacturers.