Recently, printers in various regions of China including Guangxi and Henan have gone out of control, printing out receipts filled with insulting and attacking words towards customers. The printer company responded by stating that the attackers exploited vulnerabilities to push millions of pieces of junk information to users’ printers, affecting thousands of businesses.
On September 5th, a business owner reported on an online platform that despite having no outstanding fees in her printer account, all that was printed out were attacking words. When she contacted the “Midday Printer” customer service, she was informed that the company’s server had been attacked.
On the same day, a staff member of the “Midday Printer Company” told media that the incident was caused by the failure to promptly clear the account of a former employee, resulting in the accidental leakage of the password.
The staff member mentioned that their company had an internal policy of changing passwords every quarter, but due to not reaching the change period, they failed to identify the vulnerability in time. Attackers took advantage of this loophole to continuously push millions of pieces of junk information, causing the server to be severely overloaded for a short period.
The staff member mentioned, “The deletion speed could not keep up with the incoming volume, so we immediately cut off the third-party push channel and gradually cleaned up the backed-up data in the database,” fully repairing the loophole and restoring the system within an hour.
He added that this was the first large-scale attack the company had faced in its 6 years of operation. After the incident, the company promptly reported it to the authorities.
In response, mainland Chinese netizens raised questions:
– “If you buy a printer, why does it still have a recharge service backdoor?”
– “Once you buy a printer, it becomes the property of the purchaser, so why does it still need to communicate with the manufacturer online, allowing them to access all your printing information? Isn’t this a serious violation by the printer manufacturer? They are secretly collecting users’ printing information.”
– “After being attacked by hackers, who benefits?”
– “If the attackers demand customers recharge, what can they gain? Company reputation?”
– “There are many secrets in old printers, and cache chips can restore a lot of data.”
– “Fortunately, the printer I have is not from that brand, and it has been working normally these days! We print receipts every day, so we cannot afford any mistakes!”
– “I always thought printing was just an additional feature of the order, but it turns out there is a backdoor. The backend data still belongs to the printer company, and it even charges. Is this legal? It’s getting harder to understand!”
– “Even if they were extorted by hackers, it shows that this company is not secure. What right do they have to charge for services?”