A ripple effect of user data exposure

Since hackers have publicly published Web sites that provide CSDN websites, some user databases, including Mop, Renren, multiplayer, and so on, have been uploaded online for users to download.

The domestic well-known hacker Goodwell said that the expected disclosure of the site database behavior will likely trigger its knock-on effect, resulting in more Web site data will be released by hackers. Before that, such databases were traded underground, and the hackers could gain from them. But since many users ' usernames and passwords are almost exactly the same on each site, the database in the hands of other hackers is worthless when a hacker releases a website's database. So some hackers, for a variety of purposes, will release the database of other websites, causing a ripple effect.

Goodwell said that the site can not be 100% security, for people with technical skills, landing related sites, the password is not unique. But after the hacker releases the user database information of the website, the person without the technical ability can cause great damage to the website and other users. At the same time, because many users of the user name and password are mostly consistent, it is possible that these people to brush other sites of the library, the impact will be greater. If you want to change the situation, the site will need to force all users to change their passwords, and take a unique encryption method to prevent the user information from being leaked again.

It is said that many sites do not protect the user's information security awareness, the user's data information in the database without any protection. Goodwell suggested that the relevant site can enhance security awareness, from the hardware and software to enhance information protection. Goodwell to Sohu It says, the most thorough protection aspect, is changes the website static password mechanism and uses own unique encryption function and so on MD5 Foundation the method, simultaneously fixes the system loophole in time.

With the Web site and micro-bo real name of the introduction of the real-name, if the real-name site appears user data disclosure events, will have a more adverse impact. Goodwell said that in the real-name premise, the competent departments and the website should be issued corresponding standards and protection mechanisms to securely protect the user's privacy. If the real-name system and security protection mechanism can not keep up with the situation resulting in information disclosure, users will create a crisis of trust in the site and the organization.

Goodwell also advised users to strengthen their awareness of self-protection when surfing the internet. When surfing the Internet, users should set different passwords according to different websites. To facilitate memory, the password is best based on the site's domain name to make the corresponding changes.