Notify users of data disclosure events over three years

Source: Internet
Author: User
Keywords E-commerce hacker attacks group buying website
Tags aliyun crack credit credit card data data disclosure developed group

is because of the fear of http://www.aliyun.com/zixun/aggregation/673.html "> Hacker's crack technology has developed to be able to read the hash password to the extent of the plaintext disclosure.

July 19, according to the relevant information, we know that Australia's most famous group buying website catch the day announced that the hacker attacked the website, which has a part of the user's password and credit card data stolen.

Surprisingly, this hacker attack took place more than three years ago, and now Catch of the day only disclosed the incident.

According to the information, we know that the company found the incident soon after the website was attacked by hackers and reported to the Australian Federal Police (Australian firstly). In addition to some user password leaks, these passwords are encrypted with hash (hash) one-way hashing algorithms, and some credit card data is stolen. The company notified the users immediately after the data was leaked, while the other users were kept in the dark.

Catch of the day said it eventually decided to disclose the data disclosure incident because of concerns that the hacker's hacking technology had developed to the extent that it could read the plaintext of the hash cipher.

Perhaps out of ignorance, Catch of the day did not point out that hackers had been able to crack simple passwords years ago, and that their password-cracking techniques would only get better. Every time a password leak event is made, the hacker can have a deeper understanding of the hashing algorithm's computational process. Given that more than three years have elapsed since the hacking attack, hackers may have successfully read the plaintext of the stolen passwords.

"It's absurd that they notify users of data leaks over a three-year interval," he said. In the past three or four years, if these users are still using the same password, there may be a larger problem. ”

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.