JD.com Russia - Self Destruction Launched
JD.com in Russia (roughly speaking, a competitor to Aliexpress) pursues a series of failures. More precisely, they themselves provoke these failures, trying to seize the Russian market. Constant marketing fraud and deceiving customers led to the fact that the flow of slop on the head of JD from Russian customers simply does not dry out. But on October 23 at JD.com they decided that the time had come to seize Russia entirely and completely. But it turned out that they shot themselves in the head.
October 23, JD.com Russia launched an unexpected and incredible share. I myself participated in this action from the beginning to the end, I write the topic in the first person. Coupons worth $ 10 were distributed to everyone and everything and acted on purchases from $ 10.01. Those. in fact, it turns out that a huge amount of goods can be obtained for some pennies (almost “for free”). The main method of receiving coupons is simply sharing the code with someone, it is registered and receives $ 10, and you also receive $ 10. The action was supposed to be valid until the New Year (the process of receiving coupons by November 30). But after a few hours she had failed. Apparently, JD.com did not appreciate the scale of Russian love for freebies, and financial reserves were melting before our eyes. Someone generated coupons himself, someone honestly through friends. Who knows how. As a result, after a few hours of terrible work site (still, such a load), the action ends. All coupons for all people are discarded. Someone asked friends to register for a few hours and got a shish.
')
In the official group of VKontakte, this started ... I would not be surprised if all the Russian-speaking employees of JD.com did not go home today, but took the post of moderators.
These are just regular flowers that have happened to JD.com many times already. But the berries ...
There was a hole in the JD.com system. By clicking on a simple and obvious link, anyone could see a list of other people's orders.
If you go into any order, you can see the customer data: names, addresses, phone numbers, etc. The most current data that can only be. Moreover, the simplest script in several lines with the search order number from the link, you can unload the database of hundreds of thousands of Russian customers JD.com! This is an epic failure. I have no doubt that someone has already done this, and tomorrow it will be possible to buy or download the most current database of solvent customers with full contact details. Those who wish will be found.
But that's not all. The network immediately went jokes, from which I almost died with laughter. This is black and evil humor, but funny. Imagine the picture? The man made a purchase during the day in JD, sleeps, and SMS comes to him:
But that's not all. For several hours, no one has closed the hole. And it is very disappointing that there are no one to make official claims. Sites JD.ru and JD.com is not in Russia, the customer base, too. As far as I know, they do not even have an official representative office in Russia. No, maybe they will shoot a few Chinese at their place there, but this will not make it any easier for us.
UPD . Everything in the network has already laid out the base of Russian customers JD.com.
UPD II . As of 7:15 on October 24, 2015 the hole is partially covered .
UPD III . I was contacted by a JD media representative (I don’t know what it is or if it’s an official representative). Something they do not like such notes from me. Not surprisingly, they would work well - there would be good notes. And then the jamb on the jamb and the jamb chase, but they are looking for the problem in the bad notes. Asked about the official comment about the leakage of personal data. Received the answer that he prepared for the media. And I did not wait for an answer. Apparently, not worthy of the answer, because not the media. But, if they deign to give an official answer, I will publish it.
UPD IV .Oh, send the threats. Powerful multi-billion dollar company! Their internal problems and shoals are solved by trying to block information about them. Then I got excited, the search initially issued an article about the protection of the reputation of a legal entity, my mistake.
UPD V. For those who have doubts about the discharge of the database . (I asked the moderators out of harm's way to remove the link from the comment, so that later there would be no complaints against me and the resource).
UPD VI . It has been almost a day. The JD.com Russia group in the VC keeps deaf defense - almost all comments have been turned off for almost 24 hours, a sweep has been completed. None of the JD officials have made any statements so far. None of the clients still knows what will happen to the coupons. None of the media was interested in the problem of data leakage from JD.com (I think that everything is compensated on Monday).
UPD VII. Appeared the first official comment . These guys with their own hands razuchivayut flywheel of the engine of the machine that crushes them.
UPD VIII. Sent an appeal to Roskomnadzor.
UPD IX. For the media. Colleagues, do not just reprint the press release from JD with the title of hacking. Please read all comments on this topic. There was no hacking. There were no hackers. JD just wants to disclaim responsibility for the hole on the site.
UPD X. Judging by the publications, JD decided to deal with the problem in its usual way - by purchasing posts and notes in the news. Eldar Murtazin writes that he was offered to place a note for money. The emphasis is on the fact that there was a hacker attack (I think you understand that the hole on the site has nothing to do with the “hacker” DDoS attack, even if it was - there is no evidence of this, but there is a refutation), and JD.com generally saints. They want to avoid responsibility.
UPD XI. . JD.com introduced a new required field in the delivery address - passport number! Fantasy. Passport number, Karl! They have little data that leaked. Now also the passport number can be compromised (if the situation suddenly repeats). And what about the law on personal data says if they store passport numbers?
October 23, JD.com Russia launched an unexpected and incredible share. I myself participated in this action from the beginning to the end, I write the topic in the first person. Coupons worth $ 10 were distributed to everyone and everything and acted on purchases from $ 10.01. Those. in fact, it turns out that a huge amount of goods can be obtained for some pennies (almost “for free”). The main method of receiving coupons is simply sharing the code with someone, it is registered and receives $ 10, and you also receive $ 10. The action was supposed to be valid until the New Year (the process of receiving coupons by November 30). But after a few hours she had failed. Apparently, JD.com did not appreciate the scale of Russian love for freebies, and financial reserves were melting before our eyes. Someone generated coupons himself, someone honestly through friends. Who knows how. As a result, after a few hours of terrible work site (still, such a load), the action ends. All coupons for all people are discarded. Someone asked friends to register for a few hours and got a shish.
')
In the official group of VKontakte, this started ... I would not be surprised if all the Russian-speaking employees of JD.com did not go home today, but took the post of moderators.
These are just regular flowers that have happened to JD.com many times already. But the berries ...
There was a hole in the JD.com system. By clicking on a simple and obvious link, anyone could see a list of other people's orders.
If you go into any order, you can see the customer data: names, addresses, phone numbers, etc. The most current data that can only be. Moreover, the simplest script in several lines with the search order number from the link, you can unload the database of hundreds of thousands of Russian customers JD.com! This is an epic failure. I have no doubt that someone has already done this, and tomorrow it will be possible to buy or download the most current database of solvent customers with full contact details. Those who wish will be found.
But that's not all. The network immediately went jokes, from which I almost died with laughter. This is black and evil humor, but funny. Imagine the picture? The man made a purchase during the day in JD, sleeps, and SMS comes to him:
But that's not all. For several hours, no one has closed the hole. And it is very disappointing that there are no one to make official claims. Sites JD.ru and JD.com is not in Russia, the customer base, too. As far as I know, they do not even have an official representative office in Russia. No, maybe they will shoot a few Chinese at their place there, but this will not make it any easier for us.
UPD . Everything in the network has already laid out the base of Russian customers JD.com.
UPD II . As of 7:15 on October 24, 2015 the hole is partially covered .
UPD III . I was contacted by a JD media representative (I don’t know what it is or if it’s an official representative). Something they do not like such notes from me. Not surprisingly, they would work well - there would be good notes. And then the jamb on the jamb and the jamb chase, but they are looking for the problem in the bad notes. Asked about the official comment about the leakage of personal data. Received the answer that he prepared for the media. And I did not wait for an answer. Apparently, not worthy of the answer, because not the media. But, if they deign to give an official answer, I will publish it.
UPD IV .
UPD V. For those who have doubts about the discharge of the database . (I asked the moderators out of harm's way to remove the link from the comment, so that later there would be no complaints against me and the resource).
UPD VI . It has been almost a day. The JD.com Russia group in the VC keeps deaf defense - almost all comments have been turned off for almost 24 hours, a sweep has been completed. None of the JD officials have made any statements so far. None of the clients still knows what will happen to the coupons. None of the media was interested in the problem of data leakage from JD.com (I think that everything is compensated on Monday).
UPD VII. Appeared the first official comment . These guys with their own hands razuchivayut flywheel of the engine of the machine that crushes them.
UPD VIII. Sent an appeal to Roskomnadzor.
UPD IX. For the media. Colleagues, do not just reprint the press release from JD with the title of hacking. Please read all comments on this topic. There was no hacking. There were no hackers. JD just wants to disclaim responsibility for the hole on the site.
UPD X. Judging by the publications, JD decided to deal with the problem in its usual way - by purchasing posts and notes in the news. Eldar Murtazin writes that he was offered to place a note for money. The emphasis is on the fact that there was a hacker attack (I think you understand that the hole on the site has nothing to do with the “hacker” DDoS attack, even if it was - there is no evidence of this, but there is a refutation), and JD.com generally saints. They want to avoid responsibility.
UPD XI. . JD.com introduced a new required field in the delivery address - passport number! Fantasy. Passport number, Karl! They have little data that leaked. Now also the passport number can be compromised (if the situation suddenly repeats). And what about the law on personal data says if they store passport numbers?
Source: https://habr.com/ru/post/356888/
All Articles