Ways of personal information disclosure

It is found that human reselling information, mobile phone leakage, PC infection and website loopholes are the four major ways to disclose personal information at present.

First, human factors, that is, employees of companies and institutions who have information actively resell information.

Case:

According to Beijing Evening News, from 2065438 to March 2005, six employees of education and training institutions in Beijing were tried and pleaded guilty by the court for illegally buying and selling a large number of personal information of students and parents, totaling more than 2 million pieces.

One of the defendants, Yang, a 25-year-old high school student, came to Beijing to work from the Oroqen nationality in Inner Mongolia. According to him, at 20 1 1, he went to work in an education and training institution and found that the company had a lot of parents' information, so he secretly copied some for sale. Yang has worked in at least three such institutions and obtained more than 2 million personal information of students and parents. Yang sold information in bulk on the Internet, with a profit of * * * 1000 yuan, with an average of 5 cents for each piece of information.

Another defendant, Xu, aged 37, holds a master's degree. He started a company on 20 1 1 and needed to enroll students. He just received a text message saying that he had data about the parents of the students. After contact, he spent 2000 yuan to obtain the parents' information of seven primary schools in Haidian, including the primary school attached to the University of Science and Technology. After that, he found a short message agency to send a large number of spam messages at a price of 5 cents each, which can increase the registration volume by 25% every year. At the same time, he increased the price to 20,000 yuan and sold some information to his peers.

The second is the information leaked through mobile phones. There are mainly the following ways: mobile phones have Trojans; Use the hacker's fishing WiFi, or your own WiFi is hacked; Mobile phone cloud service account is stolen (weak password or database conflict or service provider vulnerability). ); APP vendor servers with privacy rights were dragged by hackers; Visit phishing websites through SMS of pseudo base stations. , leading to the leakage of important account passwords; Use hacking devices such as malicious charging treasures; GSM network is monitored by hackers. Third, computers are infected with malicious software such as virus Trojans, which leads to the disclosure of personal information.

While enjoying the convenient and quick functions of the Internet, netizens accidentally infected malicious software such as virus Trojans, which led to the disclosure of personal privacy and important information. If you believe in fake Taobao and fake airline tickets, you will be cheated.

Fourth, the attacker uses the vulnerability of the website to invade the database that stores information.

From the website security attack and defense practice of 20 14, website attacks and vulnerability utilization are developing in the direction of batch and scale. Website security is directly related to a large number of personal information data, business secrets, property security and other data. After an attacker invades a website, he will generally tamper with the content of the website and implant black words and black chains; The second is to implant a backdoor program to control the website or website server; The third is to defraud the administrator's authority by other means, and then control the website or drag the library. Since 20 1 1, the information and data of about 1 1.2 167 million users have been leaked due to dragging and bumping into the library.