[Abstract] now this information is only in the spread of the sale, for specific vulnerabilities and information leakage channels have no exact news, 12306 official said the official website is not leaking.
Tencent digital news (Zhang Yujing) today released the well-known vulnerability platform cloud on the news, "12306 a large number of user data in the Internet crazy including user account, password, identity card and other plaintext mailbox", but is still unable to confirm the information leakage way.
when the Spring Festival peak ticket 12306, a huge amount of users is 100% real name authentication, as can be imagined this degree of information disclosure will influence caused by the news that the leakage is known has reached 140 thousand group. But they now only spread in the sale, for the specific vulnerabilities and leaks of information is not the exact message, many white hat hackers to guess this information is likely to be by a software to grab votes leaked.
12306 has responded by saying that the leakage of information is not derived from the 12306 site, should be the development of the third party website to grab tickets artifact leak.
below is 12306 full text:
appeared on the Internet, 12306 site user information crazy pass on the Internet, the report, after careful verification of my site, this leaked information contains all the user’s plaintext password. All of my website database password is a number of non encrypted plaintext conversion code, the user information leaked online department or other channels through the outflow. Currently, the public security organs have been involved in the investigation.
I site solemnly remind the passengers, to ensure the information security of the majority of users, please you through the official website of 12306 tickets, do not use third party software to grab votes ticket, or the third party ticket, to prevent leakage of personal information of your identity.
at the same time, I remind the majority of visitors to the site, part of the third party web site to grab tickets artifact, there are bundled sales insurance function, please note that the majority of visitors.
China Railway Customer Service Center
December 25, 2014