A leak of personal information from online train ticket sales ahead of the busiest travel season of the year has spurred public outcry in China over internet vulnerability.
The leaked information includes usernames, passwords, emails and a trove of personal data used for buying tickets on the official ticket-selling website of China Railway Corporation (CRC).
CRC confirmed the news in a statement but said that the data was leaked via other channels and not through CRC website.
“All the leaked information contains plain text, while the information in our website’s database is completely encrypted, which means that the data is leaked via other websites or channels,” the statement said.
With China’s Lunar New Year approaching, a large number of people have resorted to internet as the fastest way to purchase tickets in the lead up to the Chunyun, the hectic travel period ahead of the Chinese New Year.
Millions of Chinese people travel to their native places during the festival in February which is often described as the biggest human migration in the world.
The ticket rush has also led to the growth of software and web browsers that allow passengers to cut ahead of others when snapping up online tickets, state-run Xinhua news agency reported.
It is these channels that caused the leak, it said.
“We suggest passengers stay away from third-party software and web browsers to avoid similar risks,” it said.
The leak has scared ticket buyers with many saying on Weibo, Chinese social networking site, that they have already changed their passwords to prevent further risks.
Others laid the blame on railway authorities, saying that they should shoulder responsibility for the information leak.
Police have launched an investigation into the case.