• Daily Illinois
  • About
  • Contact
  • Privacy
  • Terms
  • DMCA
  • Sitemap
  • Write For Us
Sunday, March 26, 2023
Daily illinois - USA | News, Sports & Updates Web Magazine
  • Covid-19
  • News
    • All
    • Business
    • Education
    • Politics
    • Sports
    • World
    Ulysses S. Grant Quotes

    50+ Ulysses S. Grant Quotes: Inspirational Words from a Great Leader

    George Washington Quotes

    45+ George Washington Quotes about his Life, and Impact on American History

    The Benefits of Studying Electronics and Computer Engineering

    Harry S. Truman

    40+ Harry S. Truman Quotes for Personal and Professional Growth

    John F. Kennedy Quotes

    55+ John F. Kennedy Quotes that Inspire Leadership, Courage and Hope

    Theodore Roosevelt Quotes

    75+ Theodore Roosevelt Quotes That Will Inspire You To Take Action

    Thomas Jefferson Quotes

    40+ Exploring the Wisdom of Thomas Jefferson Quotes

    Donald Trump Quotes

    40+ Donald Trump Quotes That Define His Legacy

    Lyndon B. Johnson Quotes

    40+ Lyndon B. Johnson Quotes to Inspire and Motivate You

    Abraham Lincoln Quotes

    60+ Abraham Lincoln Quotes That Will Inspire You

  • Science & Tech
    • All
    • Ai - Artificial Intelligence
    • Apps
    • Mobile
    How to Delete a Friend on Snapchat

    How to Delete a Friend on Snapchat: A Step-by-Step Guide

    The Future of Information Technology Programs and the IT Industry

    The Future of Information Technology Programs and the IT Industry

    Best Apps for Android Music Downloads

    5 Best Apps for Android Music Downloads

    Make Clip on Twitch

    How to Make Clip on Twitch?

    Find Someone Information Using Phone Number

    Ways to Find Someone Information Using Phone Number

    What is the Structure of a Mobile App

    What is the Structure of a Mobile App?

    Limit the Damage in an Emergency

    Logging strategy: Limit the Damage in an Emergency

    Dev Ops Future And Free Platform To Learn

    Dev Ops Future And Free Platform To Learn

    Does discord notify you when you leave a group chat?

    Does discord notify you when you leave a group chat?

    Redirects and Benefits of it

    What Are Redirects And Benefits Of It

  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    Best Online Games with Voice Chat

    6 Best Online Games with Voice Chat

    Best Apps for Android Music Downloads

    5 Best Apps for Android Music Downloads

    Make Clip on Twitch

    How to Make Clip on Twitch?

    The 12 Best Horror PC Games

    Best Horror PC Games: the scariest titles to play right now

    See a show on Broadway

    Ideas For Your Bucket List In 2023

    CBD DISPOSABLE VAPE PEN 1000MG

    CBD DISPOSABLE VAPE PEN 1000MG

    What Are The Benefits Of Using HWID Spoofer For Valorant

    What Are The Benefits Of Using HWID Spoofer For Valorant?

    Game studios are shelving play-to-earn games

    Game studios are shelving play-to-earn games

    Battle Infinity

    4,400% return! This coin could still increase its price a hundredfold

    Christine Settingsgaard sits in her yard on Wednesday, Sept 14, 2022, in Barrington. Settingsgaard was lured into sophisticated financial scam this summer via a man she met on Hinge, and “lost everything.”

    The case of the vanishing deposit – Chicago Tribune

    • F95zone
  • Lifestyle
    • All
    • Fashion
    • Food
    • Travel
    How Can You find True Calling

    How Can You find True Calling? These Tips Help You

    Mindfulness and motorhome vacation

    Mindfulness and Motorhome Vacation

    Can I wear a white shirt with grey dress pants?

    Can You Wear a White Shirt with Grey Pants?

    Cargo Pants Outfit

    How Can I Look Stylish with Cargo Pants Outfit

    New Trendy Bodysuit Outfit Ideas 2023

    New Trendy Bodysuit Outfit Ideas 2023

    How Do You Style A Simple Top

    How Do You Style Your Simple Tops?

    Great Ocean Road

    6 Things you can Experience along the Great Ocean Road

    So You Want to Be a Chef Here’s What You Need to Know

    So You Want to Be a Chef? Here’s What You Need to Know

    waterdrop reverse osmosis water filter

    Your Comprehensive Guide To The Tankless Reverse Osmosis System

    Best vegan gift ideas for every budget

    Best vegan gift ideas for every budget

33 °f
Chicago
35 ° Sat
35 ° Sun
35 ° Mon
37 ° Tue
No Result
View All Result
Daily illinois - USA | News, Sports & Updates Web Magazine
  • Covid-19
  • News
    • All
    • Business
    • Education
    • Politics
    • Sports
    • World
    Ulysses S. Grant Quotes

    50+ Ulysses S. Grant Quotes: Inspirational Words from a Great Leader

    George Washington Quotes

    45+ George Washington Quotes about his Life, and Impact on American History

    The Benefits of Studying Electronics and Computer Engineering

    Harry S. Truman

    40+ Harry S. Truman Quotes for Personal and Professional Growth

    John F. Kennedy Quotes

    55+ John F. Kennedy Quotes that Inspire Leadership, Courage and Hope

    Theodore Roosevelt Quotes

    75+ Theodore Roosevelt Quotes That Will Inspire You To Take Action

    Thomas Jefferson Quotes

    40+ Exploring the Wisdom of Thomas Jefferson Quotes

    Donald Trump Quotes

    40+ Donald Trump Quotes That Define His Legacy

    Lyndon B. Johnson Quotes

    40+ Lyndon B. Johnson Quotes to Inspire and Motivate You

    Abraham Lincoln Quotes

    60+ Abraham Lincoln Quotes That Will Inspire You

  • Science & Tech
    • All
    • Ai - Artificial Intelligence
    • Apps
    • Mobile
    How to Delete a Friend on Snapchat

    How to Delete a Friend on Snapchat: A Step-by-Step Guide

    The Future of Information Technology Programs and the IT Industry

    The Future of Information Technology Programs and the IT Industry

    Best Apps for Android Music Downloads

    5 Best Apps for Android Music Downloads

    Make Clip on Twitch

    How to Make Clip on Twitch?

    Find Someone Information Using Phone Number

    Ways to Find Someone Information Using Phone Number

    What is the Structure of a Mobile App

    What is the Structure of a Mobile App?

    Limit the Damage in an Emergency

    Logging strategy: Limit the Damage in an Emergency

    Dev Ops Future And Free Platform To Learn

    Dev Ops Future And Free Platform To Learn

    Does discord notify you when you leave a group chat?

    Does discord notify you when you leave a group chat?

    Redirects and Benefits of it

    What Are Redirects And Benefits Of It

  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    Best Online Games with Voice Chat

    6 Best Online Games with Voice Chat

    Best Apps for Android Music Downloads

    5 Best Apps for Android Music Downloads

    Make Clip on Twitch

    How to Make Clip on Twitch?

    The 12 Best Horror PC Games

    Best Horror PC Games: the scariest titles to play right now

    See a show on Broadway

    Ideas For Your Bucket List In 2023

    CBD DISPOSABLE VAPE PEN 1000MG

    CBD DISPOSABLE VAPE PEN 1000MG

    What Are The Benefits Of Using HWID Spoofer For Valorant

    What Are The Benefits Of Using HWID Spoofer For Valorant?

    Game studios are shelving play-to-earn games

    Game studios are shelving play-to-earn games

    Battle Infinity

    4,400% return! This coin could still increase its price a hundredfold

    Christine Settingsgaard sits in her yard on Wednesday, Sept 14, 2022, in Barrington. Settingsgaard was lured into sophisticated financial scam this summer via a man she met on Hinge, and “lost everything.”

    The case of the vanishing deposit – Chicago Tribune

    • F95zone
  • Lifestyle
    • All
    • Fashion
    • Food
    • Travel
    How Can You find True Calling

    How Can You find True Calling? These Tips Help You

    Mindfulness and motorhome vacation

    Mindfulness and Motorhome Vacation

    Can I wear a white shirt with grey dress pants?

    Can You Wear a White Shirt with Grey Pants?

    Cargo Pants Outfit

    How Can I Look Stylish with Cargo Pants Outfit

    New Trendy Bodysuit Outfit Ideas 2023

    New Trendy Bodysuit Outfit Ideas 2023

    How Do You Style A Simple Top

    How Do You Style Your Simple Tops?

    Great Ocean Road

    6 Things you can Experience along the Great Ocean Road

    So You Want to Be a Chef Here’s What You Need to Know

    So You Want to Be a Chef? Here’s What You Need to Know

    waterdrop reverse osmosis water filter

    Your Comprehensive Guide To The Tankless Reverse Osmosis System

    Best vegan gift ideas for every budget

    Best vegan gift ideas for every budget

33 °f
Chicago
35 ° Sat
35 ° Sun
35 ° Mon
37 ° Tue
No Result
View All Result
Daily illinois - USA | News, Sports & Updates Web Magazine
No Result
View All Result
Home Science & Tech

Xuetong responds to 170 million suspected data leakage

by S. Publisher
November 20, 2022
in Science & Tech
Reading Time: 5 mins read
0
Xuetong-responds-to-170-million-suspected-data-leakage
499
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Recently, “Xuetong Database Suspected Information Leakage” appeared on Weibo’s hot search. According to the network security public account “M78 Security Team” on June 20 (now deleted), the database information of the university learning software “Learning Pass” is suspected to have been leaked on a large scale, including name, mobile phone number, gender, school, student number, email, etc. The number of messages is suspected to be 172.73 million.

In response, Xuetong responded on Weibo on the 21st that it does not store the user’s plaintext password, and theoretically the user’s password will not be leaked. Xuetong also said that after receiving the news of the suspected leakage of user data, it has continuously conducted technical investigations for more than ten hours. No clear evidence of user information leakage has been found, and the public security organs have been involved in the investigation.

Related posts

How to Delete a Friend on Snapchat

How to Delete a Friend on Snapchat: A Step-by-Step Guide

March 24, 2023
The Future of Information Technology Programs and the IT Industry

The Future of Information Technology Programs and the IT Industry

March 9, 2023

In response to Xuetong’s response, some experts told Nandu Privacy Guard that as long as there are loopholes in the system, hackers may imitate the user’s login process and steal database information without a password. And if the strength of the database encryption is not enough, as long as there is enough time and computing power, it can also be unlocked. Thus, doing great in data backup and disaster recovery is becoming more important.

According to public information, Xuetong is an educational software under Beijing Century Chaoxing Information Technology Development Co., Ltd. It has a very high penetration rate in colleges and universities. Its functions include online course punch-in, examination invigilation, etc. In the Apple App Store, the Xuetong App currently has 120,000 ratings, with an average rating of 1.4 (out of 5). In the low score evaluation, many users expressed their dissatisfaction with the privacy collection and user experience.

On June 20, the “M78 Security Team” issued a document saying that it found that the Xuetong database was being sold by hackers through illegal channels, covering names, mobile phone numbers, student IDs, job IDs, gender, email addresses, passwords of some users, etc. 7,273 items, the first disclosure of information leakage in the Xuetong database

The author verified and found that the social work library robot in a well-known software can already query relevant information, and the query information covers key information such as student number, name, gender, school, mobile phone number, etc., which is consistent with his own learning information. “So with a high probability, the news is accurate.”

According to the screenshots from the Internet, Nandu Privacy Guard entered the platform of the seller who sold Xuetong user data. The seller claimed to “sell a data for a friend”, including the school/organization name, name, mobile number, student number/worker in Xuetong. Number, gender, email, a total of 172.73 million entries, including 10.76 million passwords.

On the afternoon of the 21st, Xuetong responded publicly on the official blog, saying that the company received feedback on “suspected Xuetong APP user data leakage” on the evening of the 20th, and immediately organized a technical investigation. Evidence of user information leakage. In view of the seriousness of the matter, the company has reported the case to the public security organs, and the public security organs have been involved in the investigation.

Xuetong also emphasized that online rumors that the password was leaked were untrue. Because it does not store the user’s plaintext password, it adopts one-way encrypted storage. Under this technical means, even the company’s internal employees (including programmers) cannot obtain the password in plaintext. “Theoretically, the user’s password will not be leaked.”

Although Xuetong has not confirmed the discovery of user data leakage, as of now, a number of Xuetong users have posted the Xuetong page after logging in on the Internet, and some show that the number of times of use is as high as 100,000. Some netizens said that they had received a lot of harassing calls recently, and they suspected that it was related to the data leakage of Xuetong.

In this regard, Xuetong explained that the usage of Xuetong is not “the number of times of using Xuetong”, but the number of page requests sent to the server when users use Xuetong. If the user is studying normally, there will be hundreds to thousands of usage per day. quantity. Therefore, there are hundreds of thousands of usage “a normal phenomenon, not a manifestation of account leakage.” However, the number of users who read 0 minutes has also reached tens of thousands.

Regarding Xuetong’s response to the data breach, Peng Gen, general manager of Beijing Hanhua Feitian Xin’an Technology Co., Ltd., said that there is no necessary connection between keeping passwords and data leakage. “As long as there are loopholes in the system, it is possible for hackers to imitate the user login process and steal information from the database without the need for a password.”

As for the password storage method, Peng Gen believes that there is no such thing as the so-called “one-way encrypted storage”, and he guesses that it may refer to an irreversible method. But he emphasized that if the password strength is not enough, as long as there is enough time and computing power, it can also be unlocked.

Nandu Privacy Guard has learned from a number of college students that many colleges and universities are still using “learning pass”, and some colleges and universities have issued notices to students to change their passwords. There are also many netizens who said that they have canceled the Xuetong account.

A student at Chang’an University told Nandu Privacy Guard that she had used the same password on many platforms and “felt panicked” after seeing the news. She hopes that “Xuetong” will first dispel the public’s doubts, respond as soon as possible, and inform the public of the extent of the leak, the worst impact, and how to quickly solve the problem.

Xiong Dingzhong, chief partner of Qinglu Law Firm, said that since Xuetong has reported the case, the first thing to do is to wait for the results of the investigation by the public security organs. If a data breach does occur, it depends on whether the platform is at fault. If the platform has already followed the legal requirements to achieve the corresponding security level measures according to the type of user sensitive information it holds, “it may not have much responsibility at all, which is equivalent to saying that they are also victims.”

He also mentioned that individuals have the right to report to the Ministry of Industry and Information Technology or the Cyberspace Administration of China if they receive a large number of harassing calls or receive a large amount of illegal information. “But the public security organs have direct jurisdiction over such a large-scale database leak, so for ordinary users, they can just wait for the police report.”

Nandu Privacy Guard inquired about the national information security vulnerability sharing platform and found that in March 2020, the Xuetong App was found to have an XSS vulnerability (cross-site scripting attack, which means that website vulnerabilities can be used to maliciously steal information from users); It was found that there is an information leakage vulnerability, and the hazard level is “medium”. In September and November 2021, Xuetong updated two patches.

In addition, Xiong Dingzhong also pointed out that data leakage and system breach are two situations. The latter means that hackers may access user records in large numbers and frequently, and use running apps to further steal users’ personal information, “which will be more serious than just the leakage of the database.”

In a word, businesses and people must both understand how to secure their data. Businesses must be accountable to their consumers, while individuals must be accountable for their own data security. With the advancement of technology, we now have various options for data protection. Data backup and disaster recovery, for example. Virtual machine backup is a novel backup technology that is secure and dependable and may freely backup data in multiple situations. VMware backup, Hyper-V backup, Xenserver backup, and other popular virtual machine backups are available.

Related

Share200Tweet125Share50
Previous Post

Artificial intelligence technology can secure sites by scanning major venues for weapons

Next Post

Weight Loss Phone Apps: Do They Work?

Next Post
Weight-Loss-Phone-Apps

Weight Loss Phone Apps: Do They Work?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest News - Daily illinois

How to Delete a Friend on Snapchat

How to Delete a Friend on Snapchat: A Step-by-Step Guide

March 24, 2023
Ulysses S. Grant Quotes

50+ Ulysses S. Grant Quotes: Inspirational Words from a Great Leader

March 24, 2023
George Washington Quotes

45+ George Washington Quotes about his Life, and Impact on American History

March 24, 2023
The Advantages of Physical Therapy for Back Pain

The Advantages of Physical Therapy for Back Pain

March 17, 2023

The Benefits of Studying Electronics and Computer Engineering

March 16, 2023
cancer causing ingredients in cosmetics

Carcinogens in Makeup

March 15, 2023
Harry S. Truman

40+ Harry S. Truman Quotes for Personal and Professional Growth

March 12, 2023
most common skin concerns

What are the Most Common & Top Skin Concerns?

March 9, 2023
Daily illinois - USA | News, Sports & Updates Web Magazine

Copyright © 2020 Dailyillinois.com.

Navigate Site

  • Daily Illinois
  • About
  • Contact
  • Privacy
  • Terms
  • DMCA
  • Sitemap
  • Write For Us

Follow Us

No Result
View All Result
  • About Us Page
  • Contact
  • Daily illinois
  • DMCA Policy
  • Privacy Policy
  • Submit, Guest Post, Write For Us and Become a Contributor
  • Terms of Use

Copyright © 2020 Dailyillinois.com.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.