A 12G data package belonging to JD.com, a leading online retail platform in China, has reportedly been leaked.
据报道,中国著名网购平台京东的12G数据信息包遭到泄露。
The package contains tens of millions of pieces of personal data, including user names, passwords, email addresses and IDs, according to a report by Jiemian News.
据《界面新闻》报道,泄露的信息中含有数千万条个人信息,包括用户名、密码、邮件地址和身份证号。
In an announcement on Dec. 11, JD.com said the leak originated from a Struts 2 vulnerability in 2013, and the company has fixed the problem.
在12月11日的一份声明中,京东方面表示,此次信息泄露的源头是公司在2013年留下的一个Struts 2漏洞,目前他们已经修复了这一问题。
The announcement further suggested that users activate mobile certification and payment codes, and update and strengthen their login passwords.
此外,该声明还建议用户激活手机认证和支付代码,并且修改登陆密码、提高密码的安全性。
This is the second time that JD.com has been involved in a user information leak.
这已经是京东第二次卷入用户信息泄露事件中了。
In 2015, three employees of JD.com sold a total of 9,313 pieces of information, including names, telephone numbers and addresses, for between 0.3 RMB and 1.5 RMB per piece.
2015年,3名京东员工出售了包括用户姓名、电话号码和地址在内的共9313条信息,每条信息售价0.3元到1.5元不等。