Dear Valued Customers,
At 4:15 the morning of Dec 31st a hacker gained access to our site. He was able to send all customers a fraudulent email.
I can assure you that we do not keep any credit card information in our database, so there is no way this can be compromised. We can not even get to your credit card information, this is protected under the strictest of new card handling guidelines. The hacker appears only to have used a bulk mailing program in our admin panel to send out his advertisement. There is no trace that anything else was accessed or any info was downloaded. Unfortunately he used an alias IP so we can not track his actual origin.
We have implemented several new steps to protect our site and your purchase information and assure you will continue to look for all available methods to stop this from ever happening again.
As a token for putting up with this inconvenience we have set up a coupon, “email” good for 10% off of all orders all items this is good until Jan 11, 2004.
I pray for your understanding, have a great New Year.
Did you know that you can enjoy many members-only features simply by quickly registering (no CAPTCHA!)?
Registering gives you access to our giveaways, forum features, increased search performance, access to our Download Library, create your own blog & gallery, and more!
Once you have registered, stop by in 'Hello World', and introduce yourself.
Posted 01 January 2004 - 04:59 PM
Posted 01 January 2004 - 05:34 PM
Posted 01 January 2004 - 05:36 PM
Posted 01 January 2004 - 05:42 PM
Posted 01 January 2004 - 05:49 PM
I agree with what you are saying. Don't really know if we can apply logical reasoning with these types of hackers.
I feel really bad for him also. I always knew you knew what you were talking about in "that" HS posting. This proves it.
Bill seems like a guy who would go to the ends of the earth to please his customers as was shown by some of his customer's replies. I don't think he is a "bad" guy. Just a victim. Maybe this could have been avoided, maybe not. I certainly hope this does not affect his buisness (i.e. livelihood), and wish him the best of luck to get things resolved!!!
(Oh, BTW, I received this EMail also)
Edited by BraveSirRobbin, 01 January 2004 - 05:52 PM.
Posted 01 January 2004 - 06:36 PM
jwilson56: I agree, I do this stuff for living, there is always a way of tracking these kind of break in's, I can understand they are proxying their connection thru other compromised hosts, but if you ask those other hosts nicely who was connected to their host, you can track down who the intruder is (in most cases at least). I also agree that the company that is selling their products to the people listed in that stolen database should be held accountable or at least be investigated (you try driving a stolen car someone sold to you, won't be for long).
Posted 05 January 2004 - 06:36 PM
Posted 06 January 2004 - 11:03 PM
Posted 07 January 2004 - 08:54 AM
People might adapt your security model, and I would be out of a job
I am glad to hear that this is how your site is setup. I would guess that Bill got one of those store package deals, where the hosting company takes care of the backend (ordering,payment, etc...), and the hosting company put it all on 1 server (maybe there was an issue with the administrative interface, or he had an easy to guess password). However, you can't just tell people what the intruder did NOT download (which he did), since not everything is logged, and an intruder that knows what he is doing (since they can't catch him I assume he does) would be able to hide his tracks anyways.
Posted 07 January 2004 - 12:13 PM
Posted 07 January 2004 - 12:50 PM
Posted 07 January 2004 - 07:56 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users