The company's website is implanted into the gaming website, the online server "streaking", these companies are punished
Author:Guangzhou Daily Time:2022.09.14
Recently, the Guangzhou Zengcheng Police launched inspections in the "Hundred Days Action" to promote the "Hundred Days of Action" in summer public security and combat the "100 -day operation", focusing on whether to collect personal information in compliance with the enterprise apps in the jurisdiction, and strengthen the implementation of network security responsibilities of the internet main body. Assist in the legal and compliant development of the main body of the network. Since the "100 -day operation", Zengcheng Police has inspected a total of 33 units, 36 APPs, 9 administrative penalties, and 12 rectification units.
On July 28, when the Zengcheng Police Network Security Department inspected that when an app developed by a company in the jurisdiction collected personal information, it did not explicitly show the purpose, method, and scope of collecting personal information to users, and violated the necessary principles. A non -necessary authority user refuses to provide a functional service. Subsequently, in accordance with the relevant provisions of the "Cyber Security Law of the People's Republic of China", the police gave administrative warnings and punishment for the company's use of APP illegal and illegal personal information, and asked them to rectify within a time limit.
On August 3rd, the Zengcheng Police Network Security Department found in the work that websites operated by a company in the area were implanted into illegal information such as gaming websites. After investigation, the company has not taken measures of network security technology protection, network security protection management systems, and related network logs for less than six months. Police shall give the company an administrative warning and punishment in accordance with the relevant provisions of the "Cyber Security Law of the People's Republic of China" and order correction.
On August 9, a company under the jurisdiction was invaded and was extorted. The investigation of the Takocheng Police Network Security Department found that the hacker used the network loopholes of the enterprise, invaded and obtained the operating authority of the relevant system, and then encrypted the enterprise's server system, and then left ransom information, requiring enterprises to pay digital currencies to decrypt the system. Soon, the police mastered in the investigation that it was a provincial hacker who found the server system vulnerability. After the hacker discovered the system vulnerability, the vulnerability was sold to the cyber black -produced criminals. Police subsequently arrested the suspect's (male, 29 years old) in Jiangsu. At present, Jimou has been taken criminal measures by the police in accordance with the law. The case is under further investigation.
In the investigation, the police also found that the company's network server has a systematic firewall, remote connection unlimited access to access IP, and unrealized security password strategies such as the domain control, and the server is in a "snap" state. In addition, the company also has not formulated internal security management systems and operating procedures, and less than six months of retention of related network logs. Police launched the "Double Inspection of One Case" and gave the company an administrative warning and punishment in accordance with the relevant provisions of the Cyber Security Law of the People's Republic of China.
The incident of cyber security in an enterprise is undoubtedly a direct loser, but cyber security is not just related to the enterprise. In fact, the company's database includes a large number of user data and privacy. Once invaded or leaked, user data and privacy will often be exposed, which seriously affects public interests. Therefore, the performance of enterprises to perform cyber security is not "their own affairs", and it is also related to the legitimate rights and interests of users and social public interests.
Police reminded that Internet operators of Internet companies should implement the responsibility of the main body of network security, fulfill the obligations of cyber security protection, and collect, use and protect personal information on legal compliance, and do not try to try the law and touch the legal bottom line of network security and personal information protection.
Text/Guangzhou Daily · Xinhua City Reporter: Ye Zuolin, Zhang Danyang Correspondent: Gu Guokang, Zhang Yitao Guangzhou Daily · Xinhuacheng Editor: Zhang Yu
- END -
Zhengzhou 1 kindergarten has not been put into use for five years?The response is here!
On September 5th, Mr. Yang, who lives in Zhongyuan District, Zhengzhou City and Ch...
Hengyang traffic police brought traffic safety into the countryside and asked the masses to bring "safety" home
Hengyang News Network News reporter Tang Jiahua reported to effectively prevent an...