Home  Contact Us
  Follow Us On:
 
Search:
Advertising Advertising Free Newsletter Free E-Newsletter
NEWS

Express Workers Lease Accounts to Criminals, Compromising 400,000 Users
Published on: 2020-11-18
Share to
User Rating: / 0
PoorBest 

YTO 01Five employees at a major Chinese package delivery company leased their internal employee accounts to criminal groups, compromising more than 400,000 users’ personal information.

YTO 02Police in Handan, Hebei province, arrested three suspects in the criminal groups involved in the data leakage at YTO Express Group Co. The company apologized Tuesday for the leakage and said it will conduct real-time monitoring of internal accounts and actively discover illegal activities. Consequences for the five employees weren’t disclosed.

YTO said its risk control system detected two employee accounts used to check package information that were not related to the employee site, raising red flags at the company’s Shanghai headquarters. Authorities found that five YTO employees leased their accounts for 500 yuan ($76) a day to criminal groups, which then sold YTO users’ information, including names, identification card numbers, phone numbers and addresses, to domestic and overseas telemarketing fraud groups.

This was not the first data breach case involving employees at package delivery companies. In September 2019, police found that six delivery workers at Deppon Logistics Co. Ltd. stole user data and provided it to an e-commerce company. In 2018, police found that two agents at Cainiao Global, the parcel tracking platform of Alibaba Group, installed malware programs on package scanners to steal user information.

40万条公民信息被“内鬼”泄露

邯郸警方在近期的一起部督案件中,发现不法分子与圆通速递多位“内鬼”勾结,通过有偿租用圆通员工系统账号盗取公民个人信息,再层层倒卖公民个人信息至不同下游犯罪人员。据知情人士透露,如果以上述六个维度的信息共同组成一条信息来计算,此次被泄露的信息数量实际超过40万条。

对媒体报道圆通内鬼致40万条个人信息泄露的事件,圆通速递火速回应表示该事件系圆通速递主动发现并报案。

17日,圆通速递微博发文称,今年7月底,公司总部实时运行的风控系统监测到圆通速递河北省区下属网点有两个账号存在非该网点运单信息的异常查询,判断为明显的异常操作,于第一时间关闭风险账号,同时立即成立由质控、安保、信息中心、网管以及河北省区组成的调查组,对此事件开展取证调查。

圆通方面还表示,调查发现,疑似有网点个别员工与外部不法分子勾结,利用员工账号和第三方非法工具窃取运单信息,导致信息外泄。公司随后向当地公安部门报案,并全力配合调查,相关犯罪嫌疑人于9月落网。

Comments (0)Add Comment

Write comment

security code
Write the displayed characters


busy
    Subscription    |     Advertising    |     Contact Us    |
Address: Magnetic Plaza, Building A4, 6th Floor, Binshui Xi Dao.
Nankai District. 300381 TIANJIN. PR CHINA
Tel: +86 22 23917700
E-mail: webmaster@businesstianjin.com
Copyright 2020 BusinessTianjin.com. All rights reserved.