Chinese e-commerce industry never fails to provide interting news. There are lots of things happening in this market which are keeping journalists, newscasters, media, and public on their toe. Soemtimes this market get the attention of Chinese government and international media. Same kind of incident happened recently. The news was that the Chinese e-commerce giant JD has apologized for a user data leak in an official announcement. The data leak exposed millions of users’ personal information like the usernames, passwords, email addresses, QQ accounts, ID numbers, and phone numbers. Although the apology is no good years later, as JD claims that the leak actually took place in 2013, it is attributed to a security loophole in Apache Struts 2. This is an open-source web application framework that is used widely by Internet companies and governments. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller architecture.
He further claimed to have notified customers who were facing the most risk to update their accounts and make their passwords indecipherable, after detecting and closing the security holes. According to the same announcement, the users had done so. However, the risks remain. The firm has acknowledged of these risks remaining and that in addition, for a small portion of users who haven’t updated their account. Thus, the company is urging users to set indecipherable passwords to make it harder for the hackers to crack and to change those passwords as often as they can – even regularly. Furthermore, they are finding any mean that can be helpful for the users’ security. They have already enlisted the help of the authorities to make it easier, in case something happens. The world of internet is expanding swiftly so do security risks associated with it. There are lots of hackers and phishers all over the world who target big companies with vulnerable cyber security. E-commerce companies are at higher risk of cyber security breach due to the nature of their service therefore they need to be extra vigilant.
Cyber security problems
Actually, the security of personal data of users should be the first priority of the company and government should make regulations for e-commerce company. Every company should not be allowed to collect credit card information of people. These companies must pass some security tests in order to get authorization for collecting sensitive data of users. The company must have a dedicated server, security experts and premium software to protect their server from any malware and virus. If a company want to enter in e-commerce market without these facilities, then it must outsource its transaction services to any other authorized company. In this way the market can become more secure for buyers otherwise people will not take Chinese e-commerce companies seriously and it will drastically reduce the revenue of the market. This situation is not good for the government therefore it must take appropriate action.
Usually when a company faces a cyber security breach, it improves its security and alter few protocols to make system more secure. However, in case of JD this did not happen for the first time. JD has been repeatedly under the scorching gaze of the reports and the authorities, whenever such a leak has been mentioned or claimed. Users are also frustrated with the situation. It is reported that last year more than 100 customers of the company filed a lawsuit against the company for showing carelessness in securing personal information of their users. Company need to take some reasonable action to improve its security because wordily apology will not help company to earn back market’s trust.
This case of JD.com is not the first one because JD and other similar companies faced cyber-attacks previously and reasonable amount of data was compromised in those incidents. The situation is similar because companies have no serious motivation to get out of their comfort zone and improve the security of their servers. The legal action of users is the only way to held the company accountable because they are directly affected by company’s negligence and they can present their case in better way than anyone.
Let’s hope affected users will fight this case and take the matter to the highest level. It will give the message that the security of users’ personal information is vital and it carelessness in this matter can cause serious trouble to the company. The apology from company’s administration is not enough. Users should also get compensation for their leaked information because they usually go through psychological stress of changing their credit cards. It also wastes their previous time. If companies like JD gets away with their negligence, then it will become very difficult for other organization to build trust of people to do online shopping freely from any platform.
More information about JD marketing in China.