BreachExchange mailing list archives
Leaks prompt postal overhaul
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Mon, 24 Dec 2012 09:34:03 -0600
http://www.chinadaily.com.cn/cndy/2012-12/24/content_16045318.htm Delivery firms urged to safeguard information amid security breaches China's postal authorities have ordered an overhaul of the express delivery sector amidgrowing concerns over personal information being leaked and traded by workers. The State Post Bureau said in a recent statement that delivery companies should ensure userinformation is well protected throughout their procedures, and that authorities will beconducting spot-checks on firms, focusing specifically on personal information security. The moves come after various media reports highlighting the reselling by express workers ofdelivery receipt details, which have increased public concern over the disclosure of personalinformation. Liu Jun, deputy chief of the State Post Bureau, said at a conference last week that the nationalauthority plans to build a long-term system of protecting user information in the expressdelivery sector. Anyone found guilty of misusing personal information could face legal action. Liu said companies failing to meet the protection requirements would be suspended fromproviding service until they have rectified any problems identified. China's express delivery industry has been boosted by the booming online shopping market,estimated at 806.2 billion yuan ($129.2 billion) in the first three quarters of this year, accordingto the Ministry of Commerce. Other figures from the State Administration of Industry and Commerce now suggest there are210 million online shoppers in the country. The reselling of package receipts has become big business, said Hong Zhilong, a manager ofthe Anzhenmen branch of ZTO express in Chaoyang district in Beijing. "I now know there are companies that gather this kind of information and resell it - I get callsfrom them all the time," he said. Hong said delivery workers are required to keep the receipts signed for by customers for ayear before handing them to the headquarters of the company. However, Hong said not all workers obey the rules, and "there were many cases of userinformation being leaked". Zhang Guoquan, a manager at the Tianshuiyuan community branch of Shanghai YundaExpress in Beijing, said he also receives phone calls inquiring about sales of receipts andtracking numbers. "I never even talk with them. I have been in this industry for more than 10 years, and I knewhow important reputation is. To me it is a matter of principle," he said. Meanwhile, another area of the industry causing concern to the authorities is the poor disposalof parcel boxes and receipts, by companies and customers. In February, a court in Xiamen, Fujian province, sentenced a 24-year-old man to death afterhe was convicted of killing a woman, who attracted his attention as being wealthy because shehad made so many purchases online, which arrived at her home by express delivery. He noticed the number of parcels she had disposed of at her residential community, and theman had been using the boxes for clues about her wealth. He then pretended to be an express delivery worker, and when she opened the door hegained entry and killed and then robbed her, according to a report by the People's Court Daily. In a statement issued by the national postal authority on Dec 10, express delivery users arereminded to remove any receipts from the outside of any parcels and make sure they do notdisclose anything about their personal information before throwing them away. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- Leaks prompt postal overhaul Erica Absetz (Dec 24)