1 views collected around this technical thread.
Websites cannot reveal original passwords because they store only salted, one‑way hashes, not the plaintext, making recovery impossible; therefore, when users forget their credentials, the secure approach is to verify identity and issue a password reset rather than expose any stored data.
Anonymous Sudan alleges it has breached Microsoft’s servers and obtained a database containing over 30 million customer credentials, while Microsoft firmly denies any such breach, prompting widespread debate over the hacker group’s capabilities, motives, and the broader implications for information security.
A recent data breach at Renmin University's website exposed thousands of students' personal information, revealing that the hacker, a former graduate student with a strong academic record and industry experience, was arrested, highlighting serious privacy and information security concerns in China.
A recent ransomware group called RansomHouse revealed that AMD suffered a massive data breach of over 450 GB due to employees using simple passwords like "admin" and "123456", highlighting the dangers of weak credentials and prompting urgent security awareness.
In September 2022, Nantong police uncovered China's first nationwide case of illegal WeChat user data harvesting using a "clean fan" application, leading to the arrest of eight suspects who were convicted for illegally obtaining computer system data and controlling systems, highlighting severe information security risks.
The article explains why the rare password “ji32k7au4a83” appears in breach data, traces its origin to the Chinese Zhuyin phonetic system, presents statistics on common passwords, and offers expert advice on crafting secure, long, and varied passwords.
In February 2020, a core operations engineer at Micro-Alliance maliciously deleted the company's production databases, causing over ten billion yuan in market loss, massive user disruption, and a six‑year prison sentence, while highlighting broader industry risks and the need for stronger security controls.
The article explains the recent Weibo data breach, describing how attackers used credential‑stuffing (撞库), data leakage (漏水), database dumping (拖库) and data laundering (洗库) to obtain millions of user records, the technical steps involved, and the security implications for both users and platforms.
In late February 2023, a core operations engineer at Weimob maliciously accessed the internal network and deleted production data, causing a 24‑hour outage of numerous merchant mini‑programs, leading to over HK$1 billion in market value loss and prompting legal action.
In early June, AcFun announced a massive hack that leaked nearly ten million user records, including IDs, nicknames and encrypted passwords, urging users—especially those who haven’t logged in since July 2017 or use weak passwords—to change them immediately, while noting that the data is already being sold on the dark web.
The article explains how weak passwords, misconfigured services like Redis, careless port changes, and leaked data enable attackers to compromise servers and internal networks, illustrating each risk with real‑world case studies and offering practical mitigation advice for robust ops security.
This article outlines why proactive information‑security preparedness, cross‑department response teams, and clear incident‑response checklists are essential for minimizing damage and maintaining trust when a data breach occurs.