diff --git a/2024/12/2024-12-17-meiyijia.md b/2024/12/2024-12-17-meiyijia.md new file mode 100644 index 000000000..4e58eaac5 --- /dev/null +++ b/2024/12/2024-12-17-meiyijia.md @@ -0,0 +1,60 @@ +Before disabling any content in relation to this takedown notice, GitHub +- contacted the owners of some or all of the affected repositories to give them an opportunity to [make changes](https://docs.github.com/en/github/site-policy/dmca-takedown-policy#a-how-does-this-actually-work). +- provided information on how to [submit a DMCA Counter Notice](https://docs.github.com/en/articles/guide-to-submitting-a-dmca-counter-notice). + +To learn about when and why GitHub may process some notices this way, please visit our [README](https://github.com/github/dmca/blob/master/README.md#anatomy-of-a-takedown-notice). + +--- + +MeiYiJia Holdings Limited. Information leakage appeal right +Affirmation: I have read and understand GitHub's Guidelines for Submitting DMCA Notifications. +Complaint unit: [private] Magic Cube Security Technology Co., Ltd (entrusted by MeiYiJia Holdings Limited.). +Person responsible: [private], contact telephone number: [private]. +Unit e-mail: [private]. +Unit address: [private] Email: [private]. + +Request: + +(1) I have understood your request. According to evidence such as meiyijia.com, MeiyijiaStore, and meiyijia0513.tar.gz, it is the internal warehouse management system project of Meiyijia. For each warehouse below, I will explain in detail how many lines of code are at risk. We have understood the DMCA policy, and we have confirmed with Meiyijia that this is an unauthorized upload and a commercial infringement. Since the entire warehouse content is warehouse management system information, we hope that users will delete the entire warehouse, not the branch. + +(2) Specific information description: + +The leaked file address 1: +On November 4, 2019, user jiabaoer leaked the source code of Meiyijia's storage management system at the link https://github.com/jiabaoer/myj/. The source code information of bill processing, provider processing, user processing, and role processing in the src/main/java and src/main/app files of Meiyijia's internal storage management system was leaked, totaling 418 lines. In addition, 4 sql files were leaked, containing database account and password information. Meiyijia's internal security personnel confirmed that this code is a storage management system project, and this leak contains system source code information, which is exposed on the public platform and may be audited by hackers and exploited by attackers at any time, causing serious security incidents. We hope that GitHub officials will assist in asking users to delete the entire repository at https://github.com/jiabaoer/myj. + +[private] + +The leaked file address 2: +On October 11, 2018, user stoneForRock leaked the MeiYiJia storage system source code on the link https://github.com/stoneForRock/MeiYiJia. The source code in the file includes the backend code, test code, UI test code, etc. of the MeiYiJia storage system. There are five folders, MeiYiJiaStore.xcodeproj, MeiYiJiaStore.xcworkspace, MeiYiJiaStore, MeiYiJiaStoreTests, and MeiYiJiaStoreUITests, with a total of 832 lines of code. It was confirmed to be a MeiYiJia application through MeiyijiaStore.app. MeiYiJia internal security personnel have confirmed that the code is a MeiYiJia storage system application project, and this leak contains system source code information, which is exposed on the public platform and may be audited by hackers and used by attackers at any time, causing serious security incidents. We hope that GitHub can officially assist us in asking users to delete the entire MeiYiJia repository at https://github.com/stoneForRock/MeiYiJia. + +[private] + +The leaked file address 3: +On July 5, 2023, user outt-iao leaked the interface address of Meiyijia's fault handling platform at the link https://github.com/outt-iao/outt-iao.github.io/, and proved through kf.meiyijia.com.cn, mposshop-gd.myj.com.cn, shop.meiyijia.com.cn, etc. that the source code of the file contains task reporting, maintenance platform, new customer service task management platform and operation platform driver information, involving a total of 10 lines of code. Meiyijia's internal security personnel confirmed that the code is the interface address of Meiyijia's fault handling platform, and this leak contains system URL address information, which may be exploited by attackers at any time after being exposed on the public platform, causing serious security incidents. We hope that GitHub will officially assist in requesting the user to delete the entire repository https://github.com/outt-iao/outt-iao.github.io/. + +[private] + +The leaked file address 4: +On May 30, 2018, user Fence leaked the model algorithm and model data related to Meiyijia warehouse processing at the link https://github.com/Fence/Desktop/tree/master/meiyijia. Through files such as meiyijia, meiyijia0513.tar.gz and meiyijia_code.tar.gz, it was confirmed that it was related to Meiyijia, involving a total of 8 files and 591 lines of code. The source code of this file contains warehouse calculation models and information such as stores, products, and warehouses. Meiyijia's internal security personnel have confirmed that this code is a model algorithm related to Meiyijia warehouse processing, and this leak includes warehouse processing algorithm information. Exposure to the public platform may be exploited by attackers at any time, causing serious security incidents. We hope that GitHub officials will assist in asking users to delete the entire repository https://github.com/Fence/Desktop/tree/master/meiyijia. + + +[private] + +Explanation: +(1) The above-mentioned warehouse file content seriously infringes the rights of Meiyijia Holdings Co., Ltd. The complaint content is the internal non-public source code of Meiyijia Holdings Co., Ltd., involving relevant configuration information and platform data information. We hereby apply for Github official assistance to remove it in a timely manner. +(2) We hope that the above-mentioned users can delete the entire warehouse provided in the above complaint No. 2. +(3) We cannot know the information of the infringer. +(4) Our company has also complained on the GitHub platform to remove sensitive information. The submitted materials and leaked warehouse address are also very accurate. Since the leaked content involves internal source code information, please help GitHub to remove it as soon as possible. Thank you very much. + +Statement: +(1) I firmly believe that the use of the above-mentioned copyrighted materials on the infringing webpage is not authorized by the copyright owner, its agent or the law, and I have considered the situation of fair use. +(2) Our company is the legal owner of the complained content (attached with a letter of authorization); +(3) Our company hereby swears that the information in this notice is accurate and that our company is the authorized representative of the copyright owner for the exclusive rights allegedly infringed. If it is untrue, I am willing to accept the penalty of perjury. +Our company guarantees that the information described in this notice is sufficient, true and accurate, and our company has been authorized to exercise the rights and interests of the content listed in Item 2. + +Sincerely, +[private] +[private] (commissioned by Meiyijia Holdings Co., Ltd.): +[private] Magic Cube Security Technology Co., Ltd. +Date: December 16, 2024 +Applicant Signature: [private]