40 Million Tianya Members Exposed After Data Breach

Tianya.cn, one of the largest Chinese social networking websites, suffered a data breach as a result of which 40 million users became exposed.

Last week, we witnessed how some major Chinese gaming websites were hacked, millions of their members’ credentials ending up online for anyone to use. At the time we also mentioned there were some rumors about some social media sites also being targeted and now it seems that the rumors were true.

Usernames and passwords, all in clear text, were stolen by the hackers, Global Times reports.

“The released information belongs to users who registered on our website before November 2009, when we saved information in clear text format. After that we started using encryption,” a tianya.cn customer service staff member said.

“We have e-mailed and messaged users informing them that they should change their passwords. We have reported the case to the police and we are doing our best to find the hacker.”

It turns out that all the unencrypted data ended up online because the website’s administrators failed to delete, or at least secure, the old data stored on their servers before the systems were upgraded.

In the past month, Chinese users were highly targeted by hacking operations and as we could clearly see, all their data leaks affected millions of users. In the incident presented above, 40 million people were exposed, but that represents only around 60% of the entire customer database.

In related news, Sina Weibo, a Chinese microblogging service, denied allegations which claim that close to 5 million of their customers’ credentials and personal information were leaked, stating that all their user data is stored in an encrypted form.

While Sina Weibo customers may be in the clear, 6 million members of the Chinese Software Development Network (CSDN) had to carefully supervise their accounts after a hacker managed to obtain access to their assets.