Hot search first!170 million student information leaks?The response is here!

Source: Henan Communist Youth League comprehensive from China Youth Daily,@来 来, M78 security team, observer network, Economic Reference News, China Securities News, Xinhua News Agency client, etc.

June 21st

It is reported that students learn software "Super Star Learning"

Database information is publicly sold

More than 170 million pieces of information were suspected to be leaked

Once the news is exposed, it has caused a lot of attention

"Learning" once rushed to the hot search list first

It is reported that

Many domestic universities are recommending students to use

Mainstream learning software "Super Star Learning"

Discovery information includes

School, name, gender, school number

Personal privacy such as mobile phone numbers, mailboxes, passwords and other personal privacy

Leak data is as high as 172.73 million pieces

And being sold publicly on overseas platforms

Some netizens said

"No wonder you receive this text message every day

There are also harassing calls "

Learning response: No clear user information leak evidence is found

Learning official Weibo issued a statement on the 21st stating that Learning Tong received feedback from the "Suspected Learning APP user data leakage" last night and immediately organized technical investigation. At present, the investigation has been conducted for more than ten hours. So far, so far No clear user information leak evidence has been found. In view of the major things, we have reported to the public security organs, and the public security organs have been involved in the investigation.

The statement also stated that the learning password is not stored in learning, and one -way encryption storage is adopted. Theoretically, the user password will not leak. Under such technical means, even if the company's internal employees (including programmers) cannot obtain the password clearly. The company confirmed that the leakage of the password on the Internet is not true.

There are also some netizens who feedback that the frequency of data displayed by the learning software is too high, which is inconsistent with the actual situation. In this regard, the learning throughout said that it is normal for learners to have hundreds of thousands of learning use, not the performance of account leakage.

The disclosure has deleted the article

According to the public account of the M78 security team, the database information of the university student learning software super star learning pass is being sold by hackers on illegal channels. , Treating heated discussion among netizens.

At present, the public account has deleted the article and published a message saying that the relevant information of the relevant security researcher of our company's related security researcher was disclosed by the relevant security researcher of a stars' learning database. Excessive attention, the article has been deleted yesterday afternoon. Related issues will not be replied for the time being, and the relevant departments have been involved in the investigation.

Installation of more than 500 million times suspected overwriting privacy information

Public information display

Super Star Learning Tong is in college

A App with a very high penetration rate

Its functions include online class punch cards, examination monitoring, etc.

The search found that learning through the Android app store showed more than 500 million times. The iOS version of the study has currently received a total of 120,000 scores, with an average score of only 1.4 (5 points in full score). A number of users who gave a star evaluation mentioned that Super Star Learning is suspected of over collecting privacy information. In order to achieve the test and proctor function, users "must open a microphone, must open a camera, and have a real name system."

The official website of Tianyan Check shows that the Beijing Century Super Star Information Technology Development Co., Ltd. is established in January 2000. The legal representative Fu Guoming has a registered capital of 30 million yuan. Services; computer technology training; retail electronics publications, etc., are 60%and 40%of the shares by Ji Chao and Shi Chao, respectively.

Risk information shows that the company related thousands of legal proceedings, most of which are disputes over the communication rights of the work information network, copyright ownership, and infringement disputes. , Media company, etc.

Data from Tianyan Check shows that the company has won more than 2,000 universities, libraries, government agencies and other projects. Since the beginning of this year, there have been 300 pieces of information on the company. The service targets include Henan University of Science and Technology, Yunnan University of Traditional Chinese Medicine, Zhejiang Vocational College of Finance, Shanghai University of Finance and Economics Zhejiang College, Shandong Vocational College of Tourism. The company's actual controller also associated more than 20 companies. Among them, Beijing Super Star Digital Map Information Technology Co., Ltd. was punished for not fulfilling the obligations of cyber security protection. Lanzhou Super Star Education Technology Co., Ltd. was fined for providing false materials for pocket materials.

Some netizens said that the school has informed the students to modify the password, "the school has notified the code to modify the password."

Internet information leaks have repeatedly followed the hotspot

The problem of Internet information leakage has always been one of the most concerned issues for online users. Recently, similar issues have been heated and watched many times, which means that network users' attention to information security is gradually strengthening.

Experts believe that this is actually a benign trend, and on the other hand, the supervision of Internet information security is more perfect and improved.

In fact, information security issues have become increasingly the focus of network security management.

The National Computer Virus Emergency Treatment Center recently found that 15 mobile APPs had privacy and unsatisfactory behaviors, violated the relevant provisions of the Cyber ​​Security Law and the Personal Information Protection Law, and collected personal privacy information for over -range collection.

In response to the above situation, the National Computer Virus Emergency treatment Center reminds mobile users to first download and use the above illegal and illegal mobile apps. At the same time, pay attention to reading its user agreement and privacy policy. Enter personal privacy information at will, maintain and clean up related data, and avoid leakage of personal privacy information. In addition, recently, the Supreme People's Procuratorate issued the "Notice on Strengthening the Connection of Criminal Prosecution and Charity Litigation Procuratorates to severely crack down on telecommunications network crimes to strengthen personal information judicial protection" (hereinafter referred to as the "Notice"). The local procuratorial organs are required to actively promote the unified and correct implementation of laws and regulations such as the protection of personal information protection, participate in the governance of network space, strengthen the connection and cooperation of criminal procuratorial and public interest litigation procuratorial functions, and achieve full -chain blows and integrated network governance.

The "Notice" requires focusing on key industries, key areas, and key groups to carry out supervision and handling cases, and conduct in -depth to carry out the "inner ghosts" in accordance with the law to disclose illegal crimes of citizens' personal information. The key groups include elderly people who are vulnerable to telecommunications network fraud violations, students in schools, and minors.

, Protect personal information privacy!

- END -