More than 170 million student information was leaked?Learn response said that the case has been reported
Author:21st Century Economic report Time:2022.06.21
21st Century Business Herald reporter Guo Meiting intern Luo Tianen Guangzhou reported
On June 21, the "Super Star Learning" APP was exposed to suspected information and leaked and appeared on the hot search. On the afternoon of the same day, the official Weibo of Studies issued a response saying that no clear user information leak evidence has been found so far. In view of the majority of things, it has reported to the public security organs, and the public security organs have been involved in the investigation.
21 The reporter found that with the implementation of the "Data Security Law" and "Personal Information Protection Law", the information security issues of educational apps including a large amount of personal information have also attracted much attention, including hundreds of words, New Oriental Dona, Examinations, Zhonggong, and Gonggong A variety of education apps such as education have been notified by the Ministry of Industry and Information Technology for reasons for illegal collection or using personal information. Earlier, the Ministry of Education had issued an article to strengthen the network and data security supervision of the Education APP to ensure user information security.
Study generally reported reports
The "Super Star Learning" APP (hereinafter referred to as Xue Tong) is widely used in universities. According to the official website information of the Beijing Century Super Star Information Technology Development Co., Ltd., the learning pass is based on the curriculum learning, knowledge dissemination and management sharing platform based on microservice architecture. It integrates knowledge management, curriculum learning, special creation, and office applications, providing readers with a one -stop learning and working environment.
Through the learning pass, users can conduct online courses for check -in, examination and procedures. According to Cool -pass data, as of June 21, the total download of the "Super Star Learning" APP in the Android market has reached 975 million.
Hot search sources said that recently, news in the security industry industry revealed that the database information of the learning pass was publicly sold. The specific situation is temporarily unknown. The leaked data includes school/organization names, names, mobile phone numbers, school numbers/work number, gender, mailbox and other information of 172.73 million pieces.
Regarding the hot search news, on the afternoon of June 21, the official Weibo of the study issued a response saying that no clear user information leak evidence has been found so far. In view of the majority of things, it has reported to the public security organs, and the public security organs have been involved in the investigation.
Learning through the learning pass, it does not store the user's clear -text passwords and adopts one -way encryption storage. Theoretically the user password will not leak. Under such technical means, even if the company's internal employees (including programmers) can not get the password clearly. The company confirmed that the leakage of the password on the Internet is not true. User information security is a major issue. Learning to attach great importance to it will assist the public security organs to continue to investigate and make every effort to ensure user information and data security.
The reporter found that the privacy policy found that individuals (including minors) need to provide mobile phone number registration learning through, while unit users need to provide personal names and login account (school number/work number) on this basis for unit management statistics. When the user uses the punch -in, picture upload, and super star classroom in the learning pass, you may need to turn on the access rights of location information, cameras, albums, microphones, etc.
The problem of the interrogation and examination and procedure of the Internet pass is large. "The user must be required to turn on the microphone, camera and real -name system". Privacy policies show that users can choose to authorize to learn through the camera (camera) or microphone of the device to realize the information of the information to realize the information of the information. Release or specific identification function.
This is not the first time that learning is controversial due to personal information. As early as January last year, Learning Tong was notified by the Ministry of Industry and Information Technology for rectification due to personal information in violation of regulations. In July of the same year, Learning Tong had not completed the rectification of personal information in violation of regulations due to the inspection of the Ministry of Industry and Information Technology.
In addition, in August 2020, Learning Tong also had serious problems due to the communication orientation of the "Recommended" column. Investigation and punishment.
The Ministry of Industry and Information Technology and the Ministry of Education's hand -made education app
The operation of the educational app or related institutions often requires a large number of students' personal information, and some also contain personal information of minors. According to the "Personal Information Protection Law", the personal information of minors under 14 years of age should be strictly protected as sensitive personal information. The processing of such information should be obtained by the guardian and formulated special personal information processing rules.
The field of education is also a high incidence of personal information leakage. In 2020, the Wuxi Jiangyin Market Supervision and Administration Bureau of Jiangsu reported that law enforcement officers found a folder named "Jiangyin" in the computer of its business place office in the computer of its business place. After opening, I found that there are dozens of Excel tables marked with the names of Jiangyin's elementary and middle school names in the folder, covering most of the information about students and parents of most primary and secondary schools in Jiangyin City. After a preliminary inventory, there are more than 140,000 personal information of "school, student name, gender, grade, class, student family address, parent name and telephone".
During the epidemic, online education demand increased. In many notifications conducted by the Ministry of Industry and Information Technology for the APP that infringes the user's rights and interests, a number of educational apps have been listed. For example, in February, the Ministry of Industry and Information Technology announced the first batch of APPs that infringe on user equity this year, including cloud classrooms, Zhonggong Education, Alpaca IELTS, etc., which were notified Essence Last year, hundreds of words, New Oriental Dona, and Examinations have also been notified for illegal collection of personal information.
In order to strengthen the network and data security supervision of the educational APP, and ensure the security of user information, in September 2021, the General Office of the Ministry of Education and other departments issued the "Notice on Doing a Filtering Training Institution for the Existing Disciplines(The notice herein).For the management of the Education Mobile Internet Application (Education APP), the "Notice" requires that education mobile application providers should establish a data guarantee mechanism covering personal information collection, storage, transmission, and use.The overseas training APP shall pass the influence, certification or compliance audit of the protection of personal information protection.
- END -
The National Internet Information Office issued the "Regulations on the Management of Internet User Account Information", which will be implemented in August
On June 27, the National Internet Information Office issued the Regulations on the Management of Internet User Account Information (hereinafter referred to as the Regulations), which will be imple
"5.29 Member Activity Day" "I Love My Family -Happiness Moment" solicitation activity (10)
@爱 我: I love my house -happy moment image solicitation activity starts! Click to...