User information was leaked, data encryption protection became the focus

According to recent reports, many users reported that user information of the cross-border e-commerce platform Xiaohongshu was leaked on a large scale, and 50 users were defrauded of 879,163.58 yuan. According to reports, these deceived users received calls from people claiming to be "Xiaohongshu customer service" and were deceived on the grounds of refunds due to quality issues with the purchased goods. "Xiaohongshu Customer Service" can provide accurate user order numbers, delivery addresses, purchased product information, and even login accounts and passwords. Therefore, many users believed it and were deceived.

According to statistics, the 50 victims were all young women, including 22 college students. The victims were aged between 19 and 31, with the average age being 23. The products they buy on Xiaohongshu are basically cosmetics.

A deceived user questioned that such a large number of Xiaohongshu consumers were deceived, which can only mean that Xiaohongshu caused information leakage. The scammers have mastered almost all the information of Xiaohongshu backend users, including ID card information, which is required when registering on Xiaohongshu. "This shows that there is no confidentiality in Xiaohongshu's backend."

In response to this, Xiaohongshu responded to the media that the company immediately conducted internal verification and technical inspections after learning about the situation, and found no recent leaks of sensitive data on batch accounts.

According to reports, Xiaohongshu has formulated a series of risk rules, security verification methods and login restrictions to prevent corresponding risks caused by the leakage of user sensitive information through other channels. In the future, Xiaohongshu will also take some special measures to prevent fraud gangs from impersonating company customer service. It is worth mentioning that among the 50 people who were defrauded, 16 were defrauded after Xiaohongshu took "special measures."

When consumers are defrauded on e-commerce platforms, it is difficult to protect their rights because there are many channels for information leakage, and it is difficult to define which link caused the problem. The incident has been handed over to the police for investigation, and the specific results are subject to further investigation.

While enjoying Internet life, a large amount of behavioral data has been generated. Consumers should protect their own data, be careful about suspicious links, manage passwords separately, and be wary of strange calls. These measures can reduce such situations. occurrence.

From these cases, we can learn that many large platform companies now have a large amount of user data, but they have no awareness of data protection. The Cybersecurity Law also mentions in detail that protecting user information is a duty and an obligation that must be fulfilled. Therefore, in the face of these file information leakage problems, whether from internal or external sources, it is very good to install transparent encryption software and deploy an enterprise encryption protection system. A solution. Analyzing the ways and methods of leakage, encryption and protection of data files is the best way. Why do you say this? If an enterprise uses file encryption to protect the system deployment and protect the internal data security of the enterprise, the data will not be easily leaked.

For example, after the enterprise version of the Redline Privacy Protection System is deployed and installed, not only can transparent encryption be achieved, but the internal files of the enterprise platform can also achieve permission control. People without permission cannot decrypt or view the files at all, even if they are copied. ciphertext. Department management can set forced encryption settings for different commonly used applications, such as forced automatic encryption of user information files, etc., so as to solve the problem of internal leakage from the root.