360buy.com was exposed to contain security flaws that could lead to use data leaks. [File photo] |
China's leading online retailer 360buy.com contains security flaws that can easily lead to user data leaks, the internet vulnerability reporting platform Wooyun said on Tuesday.
According to Wooyun, under 360buy.com's current user permission control system, some users can access the private information of all users, including names, addresses, email addresses and phone numbers, after logging in to the site.
360buy.com has thus far denied the existence of any security flaws. However, Li Daxue, vice president of the online retailer's information department, said his company is currently examining its system for any vulnerability.
Recently, China's largest programmers' website CSDN and largest online forum Tiyan.cn announced leaks in their user databases, in which the passwords of 6 million and 40 million users respectively were hacked and the data was posted online.
China's business press carried the story above on Wednesday.