In the era of big data, has your personal information been leaked?

Personal information mainly includes the following categories:

1. Basic information. In order to complete most online behaviors, consumers will submit personal basic information including name, gender, age, ID number, telephone number, email address, home address, etc., and sometimes even personal basic information such as marriage, belief, occupation, work unit, income, medical record, birth and so on.

2. Equipment information. Mainly refers to the basic information of various computer terminal devices (including mobile and fixed terminals) used by consumers, such as location information, Wifi list information, Mac address, CPU information, memory information, SD card information, operating system version, etc.

3. Account information. It mainly includes online banking accounts, third-party payment accounts, social accounts and important email accounts.

4. Private information. It mainly includes address book information, call records, SMS records, IM application software chat records, personal videos, photos and so on.

5. Social relationship information. This mainly includes friend relationship, family member information, work unit information and so on.

6. Network behavior information. It mainly refers to online behavior records, various activities of consumers on the network, such as online time, online location, input records, chatting and making friends, website visit behavior, online game behavior and other personal information.

Security status quo

edit

With the popularity of Internet applications and people's dependence on the Internet, the security problem of the Internet has become increasingly prominent. Malicious programs, all kinds of phishing and fraud continue to grow at a high speed. At the same time, hacking attacks and large-scale disclosure of personal information are frequent. With the rapid increase of various cyber attacks, the personal information disclosure and property losses of a large number of netizens are increasing day by day.

The reporter of Economic Information Daily recently learned that at present, the "black hole door" of information security has reached an alarming level, website attacks and exploits are developing in the direction of batch and scale, and users' privacy and rights are infringed, especially some important data even flows to other countries, not only individuals and enterprises, but also information security threats have risen to the level of national security. ? [ 1]?

The data collected from a vulnerability response platform shows that the known vulnerabilities of the platform can lead to the disclosure of 2.36 billion pieces of private information, including personal privacy information, account passwords, bank card information, trade secret information and so on. The main sources that lead to a lot of data leakage are: Internet websites, games and government systems that input a lot of identity information. According to public information, since 20 1 1, the private information of165438+27 million users has been leaked.

"These data mean that almost everyone who goes online may have their own information stolen or even used unconsciously."

Leakage route

edit

It is found that human reselling information, PC infection, website loopholes and mobile phone loopholes are the four major ways to disclose personal information at present.

First, human factors, that is, employees of companies and institutions who have information actively resell information.

According to Beijing Evening News, from 2065438 to March 2005, six employees of education and training institutions in Beijing were tried and pleaded guilty by the court for illegally buying and selling a large number of personal information of students and parents, totaling more than 2 million pieces.

One of the defendants, Yang, a 25-year-old high school student, came to Beijing to work from the Oroqen nationality in Inner Mongolia. According to him, at 20 1 1, he went to work in an education and training institution and found that the company had a lot of parents' information, so he secretly copied some for sale. Yang has worked in at least three such institutions and obtained more than 2 million personal information of students and parents. Yang sold information in bulk on the Internet, with a profit of * * * 1000 yuan, with an average of 5 cents for each piece of information.

Another defendant, Xu, aged 37, holds a master's degree. He started a company on 20 1 1 and needed to enroll students. He just received a text message saying that he had data about the parents of the students. After contact, he spent 2000 yuan to obtain the parents' information of seven primary schools in Haidian, including the primary school attached to the University of Science and Technology. After that, he found a short message agency to send a large number of spam messages at a price of 5 cents each, which can increase the registration volume by 25% every year. At the same time, he increased the price to 20,000 yuan and sold some information to his peers.

Second, computers are infected with malicious software such as virus Trojans, which leads to the disclosure of personal information.

While enjoying the convenient and quick functions of the Internet, netizens accidentally infected malicious software such as virus Trojans, which led to the disclosure of personal privacy and important information. If you believe that fake websites have been cheated.

The third is the information leaked through mobile phones. There are mainly the following ways:

Trojan horse in mobile phone;

Use the hacker's fishing WiFi, or your own WiFi is hacked;

Mobile phone cloud service account is stolen (weak password or database conflict or service provider vulnerability);

APP vendor servers with privacy rights were dragged by hackers;

Visit phishing websites through SMS of pseudo base stations. , leading to the leakage of important account passwords;

Use hacking devices such as malicious charging treasures;

GSM network is monitored by hackers.

Fourth, the attacker uses the vulnerability of the website to invade the database that stores information.

From the website security attack and defense practice of 20 14, website attacks and vulnerability utilization are developing in the direction of batch and scale. Website security is directly related to a large number of personal information data, business secrets, property security and other data. After technicians invade the website, they usually tamper with the content of the website and implant black words and black chains; The second is to implant a backdoor program to control the website or website server; The third is to defraud the administrator's authority by other means, and then control the website or drag the library. Since 20 1 1, the information and data of about 1 1.2 167 million users have been leaked due to dragging and bumping into the library.

Leak case

edit

Since the leak incident was exposed in CSDN 20 1 1, the largest IT technology community in China, the website was dragged into the library and clashed with it. In 20 14 years, the library collision attack reached an unprecedented peak. 20 14 many well-known websites in China, including Wumi (the original secret), Dianping.com, Sohu.com, Anzhi.com, car home, sogou, Evernote, etc., were attacked by database collision, resulting in the disclosure of a large number of users' personal information. ? [ 1]?

From the information leakage of 12306 and Ctrip, to the recent hidden danger incident of Hikvision monitoring equipment exposed by Jiangsu Provincial Public Security Department ... all kinds of indications show that it is urgent for China to protect the network information security as it is developing its information economy and network economy. ? [ 1]?

Case 1: Yu Qiong was cheated of 8 million yuan. I received a fraudulent phone call on February 8 18 last year. The other party claimed to be "Shanghai Public Security Bureau", accusing Yu of being involved in a fraud case, supervising the deposits in her account and asking her to transfer the deposits to a designated account. I immediately promised. A total of * * * 6 remittances were made through Internet transfer, with an amount of 8 million yuan. ? [2]?

Case 2: Tang Wei suffered from telecom fraud, and was cheated of RMB 265,438+100000 by the criminal suspect. Afterwards, Tang Wei has reported the case to Songjiang police, and the police have been involved in the investigation. Songjiang Public Security Bureau did receive a phone call from Tang Wei, saying that he was cheated by Telecom for 265,438 yuan+0,000 yuan, and intervened in the investigation. ? [3]?

Prevent leakage

edit

Don't link to WiFi in public, and don't use this wireless network for online shopping and other activities. If it is really necessary, it is best to use the 3G or 4G network of the mobile phone. ? [4]?

Mobile phones, computers, etc. You need to install security software and scan Trojan programs at least once a day, especially before using important account passwords. Check the virus regularly once a week and update the security software in time.

Don't install unknown software casually. When using a smart phone, don't modify the system files in the phone, and don't casually participate in the activities of giving away online registration information.

Set a password with high security intensity, and it is best to set different passwords for different websites. Payment passwords for online banking and online shopping should be changed regularly.

Try not to use the "remember password" mode, and pay attention to personal usage records after surfing the Internet.

Go shopping on a regular website. You must go to a regular website to watch news or browse videos. Sometimes installing anti-virus software can't guarantee that the computer won't be infected with viruses. Especially when shopping, it will involve online payment. Using a regular and guaranteed website has a higher safety factor.

Don't open strange emails at will. Don't receive or open strange emails at will, open mailboxes, and don't easily open emails sent by strangers, especially those with tempting information such as winning prizes or receiving prizes. ? [4]?

When dealing with express orders, various bills and traffic tickets, it is best to smear out personal information before discarding it, or collect and destroy it regularly.

When using public * * * network tools, clean up the traces before logging off. If you go to the copy shop to print materials, you must exit the mailbox after printing. If you have a QQ number, you should use "Remember Password" in the login area to change the computer settings when you exit.

When commenting on friends' Weibo, logs and pictures online, don't leave friends' personal information at will, and don't deliberately publish others' personal information.

Leave a phone number on the network, and the numbers can be separated by "-"to avoid being searched by search engines.

ID cards, household registration books and other documents with personal information must be kept well.

Weibo has a mobile phone sign-in function, which can display the owner's location. Many young people are keen to take pictures of their own places and take selfies, and parents also like to take pictures of their children. This kind of mobile phone sign-in may be targeted by people with ulterior motives. On the one hand, it exposes personal privacy, such as name, work unit and home address. On the other hand, it may lead to crime, so you need to use your mobile phone carefully to sign in online. ? [5]?

Risk of leakage

edit

1. A steady stream of spam messages: This is a very common thing. No wonder CCTV exposed spam messages at the 3. 15 party twice in a row. The latest news is that the base station can be used as a sending center to send short messages to mobile users in the coverage area of the base station. This short message system can send 1.5 million messages every ten minutes. ? [6]?

2. Harassment phone calls come and go: originally only friends, classmates or relatives know the phone calls, often called by strangers, some selling insurance, some selling decoration, and some selling baby products. If you don't go to them, they will come to you automatically. You may still be wondering how they know your phone number, but I don't know how many times your information has been sold.

3. Spam messages are overwhelming: after personal information is leaked, your mailbox can receive more than a dozen spam messages every day, mainly for sales promotion, and there are also some messy and uninspiring advertisements. Therefore, the first thing that many users open their mailboxes every day is to delete spam. They are envious of foreign countries' heavy sentences on spam, and a letter will be fined more than 100 yuan.

4. Pretend to overdraw your debt with a card: Someone bought your personal information, applied for your ID card, defrauded the bank's credit online, and applied for various credit cards from the bank to maliciously overdraw, and then the bank may directly send an overdue reminder to the owner of the ID card. You said it was hateful, and someone else took the money from your famous flower and asked you to pay it back.

5. Cases and accidents fall from the sky: criminals may use your personal information to establish an identity and do some bad things. If there is any case or accident, the public security organ or the traffic management department can find you according to the identity information. What do you think this is? However, the troubles of these cases and accidents have come, and even if you find out clearly, you will be exhausted.

6. Criminals come to cheat: The worst thing is that criminals come to you to cheat you. Because they know your personal information, make up some sensational news, even know your friends, classmates or relatives, and can also quote your name and company. You can make a wrong judgment when you are upset, and you are taken in by a liar when you are in a panic.

7. Pretending to be a public security officer and asking to be transferred: This is the bold lawbreaker who dares to pretend to be a public security bureau and report your personal information. Then he said that there have been frequent fraud cases recently, reminding you that an account is unsafe and asking you to transfer money. He also told you a telephone number for public security consultation. As long as you make that call, it will be confirmed. Then you believed it and transferred the money. Although not many people are fooled, they have heard of it from time to time.

8. Entrapment, abduction and taking advantage of the situation: Because they know your personal information, those who hide in the dark will try their best to trap, cheat, abduct and cheat you. There is a saying that "the shot is easy to hide, but the arrow is hard to prevent." If you are not careful, you may fall into the trap of the bad guys. Because, they may pretend to be your friends, your relatives or your classmates, and even confuse the fake with the real. Sometimes they really have to be very careful.

9. The money in the account is missing: the biggest obstacle for some people not to spend online is fear of information leakage; Some criminals get a new ID card, then report the loss of your bank account or credit card account, then reissue your card and set a password. If you don't use the card for a long time, the money in it may be gone.

10. Unjustified damage to personal reputation: after the disclosure of personal information, everything that happens involves you. As the saying goes, "good things don't go out, bad things spread thousands of miles", and all the bad things that others do in your name are attributed to your name. Even if you finally go to great pains to get an innocence, your personal reputation will be damaged anyway, at least it won't improve your reputation.

The disclosure of personal information is very harmful, and the above is not alarmist. Internet companies, telecom operators, SP, real estate, property management companies and medical institutions should be paid special attention to.

Everyone should speak out against the disclosure of personal information. If they are found to be dealt with together seriously, the government may require the establishment of an accountability system of "the responsibility system for the top leaders" in these units. Of course, it mainly depends on whether the public security and other competent departments have done something.

For ordinary people, take care of your personal information and don't tell others at will. Be careful at all times. ? [6]?

I hope it helps you. Good luck!