[BreachExchange] 1.9 million user accounts hacked at recruitment website 51Job

Inga Goddijn inga at riskbasedsecurity.com
Mon Jun 18 18:58:24 EDT 2018


https://supchina.com/2018/06/18/1-9-million-user-accounts-hacked-at-recruitment-website-51job/

Private data of more than 1.9 million users of 51Job.com, one of the
largest recruitment platforms in China, were reportedly found for sale on
the dark web, according to
<https://www.thepaper.cn/newsDetail_forward_2198458> (in Chinese) The Paper.

Judging from sample information provided by the hackers, the breach gave
hackers access to usernames, passwords, email addresses, real names, and
identity card numbers. The whole package of data from 1.95 million users
could be purchased for 12 bitcoin (around $80,600 at today’s rates).

On June 15, 51Job.com confirmed the leak, but said that its database had
not been hacked but rather that the hackers stole the information from
other sources and then “tested” them on its platform. 51Job.com did not
elaborate on the source of the stolen data but hinted that the incident was
associated with a massive data breach of NetEase’s email service in 2015.
“It’s very likely that some hackers reused the data, trying to log in with
those email addresses and passwords,” an employee at 51Job.com told the
reporter, adding that the website had already implemented a series of
security measures to prevent potential data leaks, and the user accounts
affected this time are mostly idle ones that hadn’t installed new
protection features. There has been no independent confirmation of
51Jobs.com’s account.

Last week, Chinese video-sharing website AcFun also fell victim to hackers,
who claimed that they had acquired account data of millions of users. On
June 12, the website started negotiating with the attackers after they
released some of the hacked data. The story then took an unexpected turn on
June 14 when the hackers apologized and announced
<http://www.yxdown.com/news/201806/403820.html> (in Chinese) they would
delete all the data they obtained due to AcFun’s earnest persuasion.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180618/4ce03e5c/attachment.html>


More information about the BreachExchange mailing list