Several Chinese airlines have denied being responsible for a leak of passenger information, China National Radio reported on Monday.
The leaked data include user names, ID numbers, mobile numbers, and airline information, posing a critical threat to consumer safety, according to a report by WooYun.org, a renowned third-party Internet security platform.
The airline companies have confirmed the news, but denied responsibility, saying that the data were leaked through other channels and not their websites.
China Eastern Airlines said information must have been hacked into via third parties seeing as its own payment system does not have any security flaws.
Xiamen Airlines said it has stopped using the targeted ticketing system for two years, explaining that the WooYun report "overstated the data leak."
TravelSky Technology, a leading provider of information technology solutions for China's air travel and tourism industries, was also accused of security problems. Bo Manhui, company general manager, noted that their database is thoroughly encrypted and that they regularly check for any hidden flaws on their website.
Wu Di, a co-director at WooYun, insisted that their report gave an accurate picture of the situation.
Management vulnerability, including information sold by insiders, could result in leaks, while flaws in online systems could also cause trouble, Wu said.
Zhao Wu, an expert with 360 Safe Global, stressed that online vulnerability would still exist despite developments in network security, allowing hacking to occur.
Copyright 1995 - . All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily Information Co (CDIC). Without written authorization from CDIC, such content shall not be republished or used in any form. Note: Browsers with 1024*768 or higher resolution are suggested for this site.
License for publishing multimedia online 0108263 Registration Number: 130349 
