Do you understand website user data leakage you fear

famous adult community grass pomegranate announcement, the site due to attacks led to database leaks. If you have other sites using the same password, please replace it as soon as possible.


image source: CFP

since May this year, was transferred permanently off the station, grass eclogite suffered a major crisis again.

grass durian website released high-risk vulnerabilities reminder, grass eclogite community in November 2, 2015 to 4 during the attack, resulting in member information disclosure, including the user’s password, e-mail, and IP address.



released the latest warning mentioned, because grass has a large amount of users, many users account password and other sites are the same, so this information can be used to carry out the attacks hit the library".

According to the

Baidu encyclopedia explains that the hit library is collected by Internet hackers have leaked user and password information, generate the corresponding dictionary table, try other bulk landing site, can get a series of user login. Many users are using the same account password on different sites, so hackers can access the user’s account on the A website to try to log on to the B url. December 25, 2014, 12306 of the site’s user experience information disclosure, the final data is basically recognized as hit library attack was obtained.

In addition to

, IP leaks can also view the true identity of the user. For example, after a user is registered in the grass eclogite, download or upload video images and other content, the user is likely to be excavated through the association IP real identity.

according to Wikipedia’s data, grass eclogite community currently has more than 200 thousand members of the forum. 2014, the daily average of more than 30 million visits, stable and active users close to the user, the average residence time of up to 32 minutes.

but from the beginning of 2007, the grass will be closed to open the registration, began to use the invitation registration mode, that is, visitors must be registered by the old members of the forum with the value of the invitation to buy the code. Therefore, a large number of users in the form of visitors only after landing.


suggested that the grass users should immediately change the password, change the login; use the same password password to modify the website; website should use a separate password; use the browser when the privacy mode, use the cleaning function to remove poison bully after browsing the buffer; password is the best of both letters, numbers and special characters, the length of at least in more than 8.

Tencent Internet Security Department official told the interface news reporter said, in addition to modifying the password, if the user is bound to disclose the important payment, social application account, you need to immediately remove the binding. In addition to the important account and grass eclogite, as far as possible to open the two verification function.

grass >