JR East official website has been tampered with unauthorized access and paused

JR East JapanWhen I accessed the page on the previous page, I noticed that it can not be used because it is "About pausing this site." Apparently, a part of the page has been tampered with unauthorized access and seems to be investigating cause.

Details are as below.

2009/12/23 22:27 Additional notesJR East: JR East website Web site emergency maintenance announcement

At the moment it is supposed to be automatically skipped to the above page when accessing the page such as the top page and each station information, and it is written as follows.

About suspension of our site

December 23, 2009

Since it turned out that part of our website site was tampered with unauthorized access, we are pleased to inform you that we have temporarily suspended the normal page.
Currently we are investigating the cause, and we will resume as soon as safety is confirmed.
You can use the following services.
We apologize for the inconvenience caused to customers using it. Deeply apologize.

East Japan Railway Company

The page itself has been updated around 5 am on December 23, 2009,According to TBSOn the 21st of the 21st, information from the general user "Part of the homepage has been tampered with" was received, and as a result of survey, tampering with the program was found in a part of the search service on the site, so on Monday the 23rd It is said that most of functions are stopped from around 2 o'clock.

It is still unknown at the moment what kinds of damage is done specifically and what kind of damage will be given to the person who was browsing during that time.

2009/12/23 22:27 Addendum
It is said that it became available from around 19 o'clock and the circumstances are summarized below.

JR East: (apology) About restarting the homepage

The type of virus is "GumblarAccording to the explanation of the above page, "It is a type of virus that infects when displaying a tampered web page.In infected computers, there is a possibility that it is guided to a site not intended by customers. "Asks for confirming that it is infected by online scan and disinfecting it.

Furthermore, it is not written in the above pageMainichi Newspaper coverageAccording to the page tampered with JR East's keyword search function and "Adult holiday club · Tokyo courses"The number of accesses to the tampered page is about 50,000. Also,Kyodo NewsAccording to the report that the keyword search was from December 8th to December 21st and the Tokyo course had been tampered between December 18th and December 22nd, he accessed it and used it As a precaution, someone who has a thing seems to have better check his personal computer.

in Note, Posted by darkhorse