Chinese e-commerce giant JD has apologized for a user data leak in an official announcement on Sunday. The data leak exposed millions of users’ user names, passwords, email addresses, QQ accounts, ID numbers, and phone numbers.

JD claims that the leak actually took place in 2013. They attribute it to a security loophole in Apache Struts 2, an open-source web application framework used widely by Internet companies and governments.

JD claims to have notified at-risk customers to update their accounts after detecting and closing the security holes.

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

Yearly Membership

What you get

Full access to all premium content and our full archives

Members'-only newsletters

Preferential access and discounts to all TechNode events

Direct access to the TechNode newsroom

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

Yearly Membership

Emma Lee

Emma Lee is Shanghai-based tech writer, covering startups and tech happenings in China and Asia in general. We are looking for stories related to tech and China. Reach her at lixin@technode.com.