Chinese e-commerce industry never fails to provide interesting news. There are lots of things happening in this market that are keeping journalists, newscasters, media, and the public on their toes. Sometimes this market gets the attention of the Chinese government and international media. The same kind of incident happened recently. The news was that the Chinese e-commerce giant JD has apologized for a user data leak in an official announcement. The data leak exposed millions of users’ personal information like usernames, passwords, email addresses, QQ accounts, ID numbers, and phone numbers. Although the apology is no good years later, as JD claims that the leak actually took place in 2013, it is attributed to a security loophole in Apache Struts 2. This is an open-source web application framework that is used widely by Internet companies and governments. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller architecture.
Need a cost effective TP (Tmall Partner) to sell in China?
We are an Official Tmall Partner e-commerce Agency. Our Services: E-Commerce, Search Engine Optimization, Advertising, Weibo, WeChat, WeChat Store & PR.
He further claimed to have notified customers who were facing the most risk to update their accounts and make their passwords indecipherable, after detecting and closing the security holes. According to the same announcement, the users had done so. However, the risks remain. The firm has acknowledged these risks remaining and that in addition, for a small portion of users who haven’t updated their account. Thus, the company is urging users to set indecipherable passwords to make it harder for the hackers to crack and to change those passwords as often as they can – even regularly. Furthermore, they are finding any means that can be helpful for the users’ security. They have already enlisted the help of the authorities to make it easier, in case something happens. The world of the internet is expanding swiftly so do security risks associated with it. There are lots of hackers and phishers all over the world who target big companies with vulnerable cybersecurity. E-commerce companies are at higher risk of cybersecurity breaches due to the nature of their service therefore they need to be extra vigilant.
Actually, the security of the personal data of users should be the first priority of the company and the government should make regulations for e-commerce companies. Every company should not be allowed to collect credit card information of people. These companies must pass some security tests in order to get authorization for collecting sensitive data of users. The company must have a dedicated server, security experts, and premium software to protect its server from any malware and virus. If a company wants to enter in e-commerce market without these facilities, then it must outsource its transaction services to any other authorized company. In this way, the market can become more secure for buyers otherwise people will not take Chinese e-commerce companies seriously and it will drastically reduce the revenue of the market. This situation is not good for the government therefore it must take appropriate action.
Usually, when a company faces a cybersecurity breach, it improves its security and alters few protocols to make the system more secure. However, in the case of JD, this did not happen for the first time. JD has been repeatedly under the scorching gaze of the reports and the authorities, whenever such a leak has been mentioned or claimed. Users are also frustrated with the situation. It is reported that last year more than 100 customers of the company filed a lawsuit against the company for showing carelessness in securing the personal information of their users. The company needs to take some reasonable action to improve its security because a wordy apology will not help the company to earn back the market’s trust.
This case of JD.com is not the first one because JD and other similar companies faced cyber-attacks previously and a reasonable amount of data was compromised in those incidents. The situation is similar because companies have no serious motivation to get out of their comfort zone and improve the security of their servers. The legal action of users is the only way to hold the company accountable because they are directly affected by the company’s negligence and they can present their case in a better way than anyone.
Let’s hope affected users will fight this case and take the matter to the highest level. It will give the message that the security of users’ personal information is vital and its carelessness in this matter can cause serious trouble to the company. The apology from the company’s administration is not enough. Users should also get compensation for their leaked information because they usually go through the psychological stress of changing their credit cards. It also wastes their precious time. If companies like JD gets away with their negligence, then it will become very difficult for other organization to build the trust of people to do online shopping freely from any platform.
Read more about JD com in China
More information about JD marketing in China.