A 12G data package belonging to JD.com, a leading online retail platform in China, has reportedly been leaked. The package contains tens of millions of pieces of personal data, including user names, passwords, email addresses and IDs, according to a report by Jiemian News.
据报道,中国网购平台京东(JD.com)泄露了12G信息。据界面新闻报(Jiemian News)道,泄露的信息中含有数千万条个人信息,包括用户名、密码、邮件地址和身份证号。
In an announcement on Dec. 11, JD.com said the leak originated from a Struts 2 vulnerability in 2013, and the company has fixed the problem. The announcement further suggested that users activate mobile certification and payment codes, and update and strengthen their login passwords.
在12月11日的一份声明中,京东表示说信息泄露的源头是该公司2013年留下的一个Struts 2漏洞,目前该公司已经修复了这一问题。该声明进一步建议用户激活手机认证和支付代码,并且修改登陆密码、提高密码的安全性。
This is the second time that JD.com has been involved in a user information leak. In 2015, three employees of JD.com sold a total of 9,313 pieces of information, including names, telephone numbers and addresses, for between 0.3 RMB and 1.5 RMB per piece.
这已经是京东第二次泄露用户信息了。2015年,京东3名员工出售了一共9313条信息,包括用户姓名、电话号码和地址,每条信息售价0.3元到1.5元不等。