Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Hacker, suspected of 6 million user info leak, detained

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 23 Mar 2012 04:21:31 -0500 (CDT)
http://www.shanghaidaily.com/nsp/National/2012/03/21/Hacker%2Bsuspected%2Bof%2B6%2Bmillion%2Buser%2Binfo%2Bleak%2Bdetained/

By Zhao Wen
ShanghaiDaily.com
2012-3-21
The man suspected of hacking into China's largest website for programmers and leaking personal information of over 6 million users last December has been detained on charges of illegal acquisition of computer data, the Beijing News reported today.
The suspect surnamed Zeng was held in Wenzhou, eastern Zhejiang Province on February 4 after Beijing police opened an investigation into the case on December 22, the paper said.
The leak, considered the biggest in China's Internet history, occurred on December 21 when the personal information of more than 6 million users of the China Software Developer Network (CSDN) was exposed on the Internet for free downloading.
Police said the leaked information contained user IDs, passwords and e-mail addresses in clear text. The leak had rippling effects on other websites, including online shopping, gaming, social networking and even financial service websites.
Police noticed that most of the leaked data in the case were dated July 2009 to July 2010, indicating the CSDN server was hacked before July 2010.
Zeng caught police's attention because he claimed in an online post in September 2010 that he gained command of the CSDN database and wanted to cooperate with the website, it was reported.
He admitted to hacking into the CSDN server in April 2010 through a system loophole and sneaking into an online recharge platform and a stock brokerage system.
During the investigation, police also uncovered four other hackers and investigation into their illegal activities is still ongoing, the paper said.
After the incident, Beijing police gave CSDN an administrative punishment for lacking efforts to safeguard its database. CSDN apologized to its subscribers and claimed that its database has been safe since September 2010. 


______________________________________________________________________________
CISSP and CEH training with Expanding Security is the fastest, easiest way
to grock the relevant data you need now.   A free class invite is in every
PainPill.  Sign up for the free weekly PainPill .  It's that easy.
http://www.expandingsecurity.com/PainPill
Previous By Date Next
Previous By Thread Next

Current thread: