Proceedings of the 3rd International Conference on Public Management and Big Data Analysis, PMBDA 2023, December 15–17, 2023, Nanjing, China

Research Article

Personal Information Leakage of Internet Users: A Study on the 12306 User Data Breach Incident

Download40 downloads
  • @INPROCEEDINGS{10.4108/eai.15-12-2023.2345345,
        author={Ping  He and Chang  Liu},
        title={Personal Information Leakage of Internet Users: A Study on the 12306 User Data Breach Incident},
        proceedings={Proceedings of the 3rd International Conference on Public Management and Big Data Analysis, PMBDA 2023, December 15--17, 2023, Nanjing, China},
        publisher={EAI},
        proceedings_a={PMBDA},
        year={2024},
        month={5},
        keywords={network security; information safety; privacy protection; internet},
        doi={10.4108/eai.15-12-2023.2345345}
    }
    
  • Ping He
    Chang Liu
    Year: 2024
    Personal Information Leakage of Internet Users: A Study on the 12306 User Data Breach Incident
    PMBDA
    EAI
    DOI: 10.4108/eai.15-12-2023.2345345
Ping He1,*, Chang Liu2
  • 1: Professor of Guilin University of Electronic Technology
  • 2: Postgraduate Student of Guilin University of Electronic Technology
*Contact email: heping@guet.edu.cn

Abstract

The number of Internet users worldwide continues to increase, and the security of personal information on the Internet has become a global concern.This article analyzes the 12306 website user information leakage incident as an example, emphasizes the shortcomings in network security governance practices .Our research findings indicate that the 12306 website user data breach was caused by hackers launching a credential stuffing attack on its database.This article analyzes the process of hackers stealing user information from a technical perspective and analyzes the risks of privacy policy in 12306 website and its actual implementation. We have outlined the process of such an attack to provide a comprehensive understanding and proposes some constructive suggestions from the perspectives of both enterprises and users to improve network security.