Ctrip event resolution serious data loss but more sites streaking


note: Alipay cut fiber things unfinished, Ctrip website has suffered long time paralysis. Domestic security sources said that the two listed companies in succession such a serious network security problems surprised. In fact, the two companies have always attached great importance to network security issues.

Ctrip exactly why paralyzed so long time? This incident has exposed what problems in the field of network security? As an entrepreneurial enterprise, but also how to prevent network security issues?

Zhou Luping, the | Wang Yi

Ctrip is paralyzed. May 28th at 11 a.m., some users suddenly found Ctrip and App can not access, access pages are displayed 404 and Service Unavailable. Not long after, the news was officially confirmed.

15:59 in the afternoon, Ctrip official micro-blog network paralysis event responded: "this morning, Mr. suspected attack was unknown part of the server, resulting in the official website and App is temporarily unable to use normal, after investigation, to preserve the integrity of data. At present, the system is gradually being restored, and the detailed reasons are under investigation."

moving is that Ctrip can not access the situation, the first thought of their own small partners, it is recommended that users visit eLong Travel network. As a result, eLong cried, and a few hours later, users found elong once inaccessible. As of "entrepreneur" before the press release, Ctrip also shows that the emergency repair is in.

what happened to Ctrip,


as two listed companies in the industry that the public attaches great importance to network security issues, why the emergence of such a serious security accident,


according to the version circulated by the network, the reasons for Ctrip’s paralysis include the database was physically deleted, malicious retaliation employees and so on. One argument is more reliable: cloud network released a server Vulnerability Ctrip, Ctrip estimated technical personnel began repair, and then deploy the on-line time at noon, a technical staff due to human error to delete a root directory file, and then lead to "supernatural events", online data are all delete.

in early March 22, 2014, vulnerability reporting platform cloud network had disclosed two consecutive Ctrip security vulnerabilities, vulnerabilities exist the risk of leakage of the user’s name, identity card, bank card category, bank card number, CVV code and other information.

previously, Ctrip official micro-blog has released information that Ctrip official and App can not use the normal, because some servers were unknown attacks. However, at present, Ctrip official micro-blog has deleted any instructions on the website and App can not use.

"Ctrip, which has a relatively high technical level, has been able to judge within an hour without restoring it."