— Among algorithms in recommendation system, Collaborative Filtering (CF) is a popular one. However, the CF methods can’t guarantee the safety of the user rating data which cause private preserving issue. In general, there are four kinds of methods to solve private preserving: Perturbation, randomization, swapping and encryption. In this paper, we mimic algorithms which attack the privacy-preserving methods with randomized perturbation techniques. After leaking part of rating history of a customer, we can infer this customer’s other rating history. At the end, we propose an algorithm to enhance the system so as to avoid being attacked.