Tianya.cn, China's biggest online forum confirmed on Sunday that private information for 40 million users had been leaked, three days after the country's largest programmers' website CSDN reported a similar leak.
Tianya is one of the most popular sites in China; it’s the nexus of China’s online communications, a collection of simple forums, blogs, and groups; due to uber-popularity Tianya is the best place in China’s web to find public opinion on social issues, cultural experience, and original fresh content from millions of Chinese users. Based on netizen comments, the Tianya community meets the need for personal interaction, creation and expression. In a family oriented society, Tianya is China’s dinner table, where news of the day is discussed in an open, personal fashion.
The user account information of several other popular websites in China such as Dodonew.com, 7K7K, Duowan.com, and 178.com has also been leaked. On Weibo.com, users were also complaining that their accounts were being hacked and they were repeatedly being asked by the system to change their passwords.Some microbloggers complained they had to change their account passwords every time they tried to log on, while others said their accounts were being used by people in other areas of the country.Weibo officials said that some microbloggers used the same user names and passwords at many other forums or websites, so when their profiles were leaked from one, their other accounts were also being hacked at the same time.
Tianya users among the 4 million whose usernames and passwords were published online is that the data the hackers published is reportedly from a backup database made before 2009. Since an upgrade in 2010, Tianya has stored users passwords in an encrypted format, so anyone who has changed their password since 2009 shouldn’t have much to worry about (unless they still use the old username/password combination for other sites). Tianya currently has over 20 million registered users.
Tianya.cn has launched an emergency response and informed users via email and forum messaging service to change their passwords as soon as possible. The online forum has also reported the case to the police.