On 21 March 2020 the Network Security Administration of the Ministry of Industry and Information Technology (MIIT) interviewed the party responsible for the Sina Weblog App regarding a data breach caused by malicious use of the user query interface.(1) During the interview, MIIT required Sina Weblog to take effective measures to remove the following data security vulnerabilities:
- Improving its privacy policy as soon as possible to regulate the collection and use of user's personal information.
- Strengthening the classification and grading of user information and improving the security protection strategy such as risk control of the user query interface.
- Improving the internal data security management and carrying out self-assessment on data security compliance periodically or prior to the launch of new business to timely prevent the data security risks.
- Timely informing users and reporting to the competent authority when material data security occurs.
Sina Weblog replied that it has upgraded its interface security strategy and will perform its data protection obligations according to MIIT's instructions.
Endnotes
