Is 170 million user data leaked?This student often uses APP to heat up search first!Response: The case has been reported

College students' "hand -in -one" APP stalls have been on, and Super Star Learning has been exposed to "suspected user data leak", including names, mobile phone numbers, school school numbers, etc.

On the afternoon of the 21st, Super Star Learning Communication responded on its official Weibo that no clear evidence of user information leakage was found, and stated that the public security organs had been involved in investigating the matter.

170 million information leaks?

Learning: No clear evidence is found, and the case has been reported

According to news on June 21, the public account in the security industry said yesterday that the database information of the university student learning software super star learning pass is being sold by hackers on illegal channels. Eliminating information is 172.73 million pieces.

As soon as this news came out, it quickly attracted the attention of netizens and appeared on the top of Weibo. According to the Shanghai Securities Journal, Super Star Learning Tong is an APP with a very high penetration rate in universities. Its functions include online courses for punching cards and examinations and processes. A large number of student users claimed in social media that some foreign mobile phone numbers recently sent information, calling themselves, and even users who reported that they received overseas fraud calls a few days ago. I have Alipay student certification.

On the afternoon of the 21st, Super Star Learning issued a statement on Weibo on Weibo on "Suspected Learning User Data Discovery": After more than ten hours of technical investigation, no clear evidence of user information leakage was found. The public security organs have been reported to the public security organs, and the public security organs have been involved in the investigation.

At the same time, the statement also stated that learning does not store users' clear passwords and takes one -way encryption storage. Theoretically, the user password will not leak. Under such technical means, even if the company's internal employees (including programmers) can not obtain the password. The company confirmed that the leakage of the password on the Internet is not true.

It is worth mentioning that the original article mentioned above has also been deleted. The public account stated that a star learning leakage information is under investigation. Relevant departments are now involved in the investigation.

In addition, on social platforms such as Weibo, many users have posted their own learning communication interface, saying that abnormalities have occurred, and the number of uses is as high as tens of thousands or even 100,000 times. Some users said: "Learning Tong only used less than a month, showing that it used more than 16,000 times. Is this reasonable?"

In this regard, Learning Tong also issued a related Weibo response: The amount of learning through learning is not "the number of use of learning through learning", but the number of times requests the page requested to the server when using the learning pass. "It is normal for learners to have hundreds of thousands of learning.

Thousands of universities and other institutions won the bid

Last year was named by the Ministry of Industry and Information Technology

Tianyancha shows that Beijing Century Super Star Information Technology Development Co., Ltd. was established on January 27, 2000. The registered capital is 30 million yuan. The legal representative is Fu Guoming, which includes technical development, technical promotion, technical consulting, and technical services; Sales computers, software and auxiliary devices.

The bidding information shows that the company has won thousands of universities, libraries, government agencies and other projects. Among them, the company has won more than 300 bids since this year. The service targets include Henan University of Science and Technology, Yunnan University of Traditional Chinese Medicine, Zhejiang Vocational College of Finance, Shanghai University of Finance and Economics Zhejiang College, and Shandong Tourism Vocational College.

Through the search keywords, it can be seen that on the national information security vulnerability sharing platform, the "Super Star Learning" APP has been accused of the existence of information leakage vulnerabilities, and attackers can use the vulnerability to obtain sensitive information.

In addition, on January 22 last year, of the "Learning Pass" developed by the Ministry of Industry and Information Technology of the People's Republic of China on infringement of user rights and interests, the "learning pass" developed by Beijing Century Super Star Information Technology Development Co., Ltd. was also pointed out Collect personal information. In July of the same year, Learning Tong was notified again because of the inspection of the Ministry of Industry and Information Technology and found that the personal information was not completed in violation of regulations.

According to the promotional videos released by Learning Tong in April 2021, the Super Star Group includes digital libraries, academic search websites, readers, learning APPs, smart classrooms and other products. Essence

Source 丨 Shanghai Securities News, Daily Economic News, 21st Century Economic Herald, etc.

Image source 丨 App Store screenshot, Weibo screenshot, screenshot screenshot, national information security vulnerability sharing platform screenshot, etc.

Edit 丨 Zhang Yajing

- END -