  1. #26
    Join Date
    Jan 2007
    Location
    /dev/null
    Posts
    3,700
    Quote Originally Posted by xmsax View Post
    No only, my email, users and password hash.
    You can find a lot of information (actually more PERSONAL, like addresses) about people by domain whois, google etc anyway. The password is a different story, but I really don't see myself using an important password for a forum like this. I use the password that I used here on a few forums only, nothing that I am worrying about.

    The fact that the credit card info was revealed could be a positive thing in 1 way, now credit card companies are actually aware that it is possible to see huge CC frauds in the near future, if the hacker kept it all for himself, he could have done payments from all of these to buy everything out there (especially software, servers and other stuff that doesn't get delivered to an address), making it harder to prove fraud and people having no clue where it is coming from.

  2. #27
    Join Date
    Nov 2003
    Posts
    1,093
    Guys,

    I think you 100% dropped the ball on this one and tried to retain trust at the expense of those with card information in your database.

    If your database server is compromised, ANYTHING on it was potentially stolen. When this happened you should have come out and e-mailed all those with card information as urgent priority. Who cares that it hadn't been released by the hacker at the time, likely whatever the hacker has is going to be leaked out gradually. Is there anything else on your database server you haven't told us about?

    I don't remember how the old system worked (haven't used it in awhile and paid by PayPal) but did we have to give you personal address information as well? If so are we now waiting for this dump to be leaked?

  3. #28
    Join Date
    Oct 2006
    Location
    /usr/src/linux/
    Posts
    700
    I would assume that most credit card details are expired by now, if indeed the data was from 2006/07
    VPSnoc.com offers high quality Xen® OpenVZ & Windows® Virtual Private Servers at affordable prices.
    99.95% Uptime | 24/7/365 Support | Unmetered bandwidth.
    Follow us: twitter.com/VPSnoc

  4. #29
    Join Date
    Nov 2003
    Posts
    1,093
    Also, can we assume that the private message tables have been compromised and are likely the next things to be leaked? If the hacker is at all connected with this place they will likely know that people likely have some important and sensitive data stored there and would not want this to be distributed.

    To me it looks like the hacker has taken a dump of everything and is gradually sifting through it to find whatever can cause the most outrage from the WHT users.

  5. #30
    Join Date
    Nov 2003
    Posts
    1,093
    Quote Originally Posted by DigitalLinx View Post
    I would assume that most credit card details are expired by now, if indeed the data was from 2006/07
    There is current information there as well from sticky post payments.

  6. #31
    Join Date
    Nov 2001
    Location
    London
    Posts
    4,931
    Dennis, this is not a dig aimed at you. I know you are the public face here and will probably take flak for the whole situation. I am posting to summarize my frustration and frustration from the others that we have talked to.

    Who handles security for iNet? I have no doubt that this hacker is good, but unforgivable mistakes were made.

    We now have the difficult decision of things like HostingCon, now run by iNet. Typically we would pay for advance on our credit card to secure the best rates. I am definitely uneasy about doing so but I don't particularly want to be penalised for paying when I arrive with point of sale. Perhaps iNet could address this and allow those who've attended before to reserve a place?

    We recently paid for some stickies using Paypal. Obviously we've changed our Paypal password but I am still uneasy knowing this could have also been compromised (your post at 7.14pm EST suggests more data could have been breached)? Can you clarify?
    Matthew Russell | Namecheap
    Twitter: @mattdrussell

    www.easywp.com - True Managed WordPress, made easy

  7. #32
    Join Date
    Mar 2006
    Location
    Blackpool, UK
    Posts
    26
    Questions you should be thinking about

    1. Why were WHT storing CC details in plain text with no hashing / encryption?
    2. Why were WHT storing CC details that had expired?
    3. Why were they storing CV2 codes which are not required and not allowed to be stored?
    4. Why wasn't the CC info stored on a separate non-public system?
    5. Why were WHT not PCI Compliant and following the guidelines that exist for securing customers' CC info?

    6. I believe there is a status field for each CC stored; some say removed, which brings the question: if a user opted for their card details to be removed, why were they not totally removed from the db?

    Clearly it shows an absolute total lack of concern for user’s security.

    I would be surprised if iNet are not fined and taken to court over this.
    Chris Daley :: Dwebs Ltd :: Company No. 05603664 :: 0330 22 90 666
    https://dhosting.uk - Web Hosting, Managed Servers, Email Hosting
    My views are my own and not those of my company.

  8. #33
    Join Date
    Jan 2004
    Location
    North Yorkshire, UK
    Posts
    4,164
    Quote Originally Posted by DephNet[Paul] View Post
    I want to know why iNet are storing credit card numbers, let alone in the clear.
    <snip> Isn't that punishable by a custodial sentence?
    I notice this post has been snipped. I would like to know why you (inet) are trying to hide the fact that you recorded the CV2 numbers of all of the cards concerned? Is that because it's illegal and you think you'll get away with it if you keep it under wraps?

    Visa/Mastercard certainly know by now, so why hide it from your user base? It'll only make things worse when they sue you later (withholding information that could potentially have prevented fraud from taking place).

    I've seen the data, there are cards (some still valid) belonging to pretty large companies in there. This isn't going to go away, be upfront with your user base and admit you dropped the ball.

    You have the potential for a much better outcome that way.
    Last edited by dkitchen; 04-08-2009 at 06:22 AM.
    █ Dan Kitchen | Technical Director | Razorblue
    █ ddi: (+44) (0)1748 900 680 | e: dkitchen@razorblue.com
    █ UK Intensive Managed Hosting, Clusters and Colocation.
    █ HP Servers, Cisco/Juniper Powered BGP Network (AS15692).

  9. #34
    Join Date
    Apr 2004
    Location
    UK
    Posts
    1,334
    I am glad to see WHT back up so soon. Almost a whole day was pushing it for an addict

    Quote Originally Posted by Laws View Post
    To me it looks like the hacker has taken a dump of everything and is gradually sifting through it to find whatever can cause the most outrage from the WHT users.
    I guess the only way to know would be a case of waiting and seeing if anything else gets leaked (even then, this does not mean to say such data could be distributed privately). I had some sensitive data in private messages (some passwords) which I have changed, having shared your concerns.
    .
    » Kayako customer service software and live chat software- your customers deserve better than helpdesk

  10. #35
    Join Date
    Nov 2003
    Posts
    1,093
    Quote Originally Posted by SoftWareRevue View Post
    UPDATE: 7:14pm est 04/07/09

    From what we know now, there were more records on the database server where the credit card dump was taken. If research shows that a larger number of customer's data was compromised, we will contact those individuals directly.
    Uh, why not contact them all anyway? Your research a week ago said that no card details had been stolen, quite clearly your research isn't accurate and therefore you shouldn't be waiting to find out it was compromised, just assume it was.

  11. #36
    Join Date
    May 2004
    Location
    World Wide Web
    Posts
    1,195
    You may also like to see this - http://www.identitysecurityresource....screenshot.jpg
    Attached thumbnail: dp_hacked_files_screenshot.jpg
    RVH Cloud - Every day hosting solutions since 2003
    Shared Hosting Reseller Hosting VPS Dedicated Servers True 24 x 7 x 365 Support

  12. #37
    Join Date
    Aug 2004
    Posts
    242
    I think this screenshot can prove useful. This is taken from Digital Point, a popular forum operated by a San Diego, CA company. The guys can locate the user using his IP address, and trace him.

  13. #38
    Join Date
    Nov 2003
    Location
    Amidst several dimensions
    Posts
    4,324
    so he's saying that it's not something related to wht, but the host has issues with their security ?

    i want that bambino caught and sued.

  14. #39
    Join Date
    Jul 2002
    Location
    Victoria, Australia
    Posts
    36,939
    Quote Originally Posted by contactsonia View Post
    Demmi1's threads were removed (eventually).

  15. #40
    Join Date
    Mar 2006
    Location
    Blackpool, UK
    Posts
    26
    Quote Originally Posted by calande View Post
    I think this screenshot can prove useful. This is taken from Digital Point, a popular forum operated by a San Diego, CA company. The guys can locate the user using his IP address, and trace him.
    Yeah like he will not be accessing digital point via a chain of proxies or compromised boxes.
    Chris Daley :: Dwebs Ltd :: Company No. 05603664 :: 0330 22 90 666
    https://dhosting.uk - Web Hosting, Managed Servers, Email Hosting
    My views are my own and not those of my company.

  16. #41
    Join Date
    Jan 2007
    Location
    /dev/null
    Posts
    3,700
    Quote Originally Posted by calande View Post
    I think this screenshot can prove useful. This is taken from Digital Point, a popular forum operated by a San Diego, CA company. The guys can locate the user using his IP address, and trace him.


    Expect something like VPN to a server, from there to another, to another, to another, to another to a proxy and then to their forums (for example). Sure he did something that is of course wrong, but he is not stupid to leave simple flaws like this.

  17. #42
    Join Date
    May 2008
    Location
    Canada
    Posts
    985
    This is a flagrant PCI DSS (as well as common sense security) violation.

    You should have told customers 2 weeks ago to cancel their cards, etc. Then you would have taken the hit up front and trust would return.

    But you have yourselves through your lack of actions broken the back of trust of your paying members.
    UnderHost.com Offshore Hosting Solutions and USA/Canadian based servers.
    24/7 Rapid Support / 99.9% Uptime Guarantee / Shared / Cloud / VPS / Dedicated Servers
    Managed OnApp Cloud USA Cloud Virtual Datacenter - Dedicated and Scalable Resources
    Hong Kong - Netherlands - Canada - Caribbean - United States - Russia

  18. #43
    Join Date
    May 2004
    Location
    World Wide Web
    Posts
    1,195
    Quote Originally Posted by calande View Post
    I think this screenshot can prove useful. This is taken from Digital Point, a popular forum operated by a San Diego, CA company. The guys can locate the user using his IP address, and trace him.
    Quote Originally Posted by anon-e-mouse View Post
    Demmi1's threads were removed (eventually).
    Looking into all the posts made by Demil1 earlier on DP, this user's account was hacked by the hacker and then he posted the message that I showed in the screenshot.

    He must be using multiple proxies etc. etc. to hide/protect his IP address so it is really hard to get anything out of it
    RVH Cloud - Every day hosting solutions since 2003
    Shared Hosting Reseller Hosting VPS Dedicated Servers True 24 x 7 x 365 Support

  19. #44
    Join Date
    Oct 2003
    Location
    Scotland, UK
    Posts
    2,916
    This is quite embarrassing for iNet

    The table holds the cc number, expiry, cvv, bank the card belongs to, name and "addressid". If the hacker has a copy of the CC table, do they also have a copy of the address table? Is there anything to suggest they don't have a copy of the table? While I can appreciate that you now realise more db's and data was compromised than initially thought, I think it is only sensible now to work on the basis everything the hacker could have access to has been taken, until you have evidence to the contrary.

    If there is *one* good thing, the majority of the cards seem to be expired.
    Alasdair
    Long time ex-host, ex-billing software owner/developer/support staff. Recent lurker.
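
Added example (not part of any post in this thread, and not iNet's or WHT's code): the storage questions in post #32, applied to a table with the columns post #44 lists, as a Python audit that flags stored CVVs, clear-text card numbers, expired cards and rows marked removed that still hold card data. The table name `cc`, the column spellings, the `YYYY-MM` expiry format, the audit date and all sample rows are assumptions constructed for illustration.

```python
import sqlite3
from datetime import date

def luhn_ok(value):
    """True when value is 13-19 digits passing the Luhn check, i.e. a card number in the clear."""
    if not value.isdigit() or not 13 <= len(value) <= 19:
        return False
    total = 0
    for i, ch in enumerate(reversed(value)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def audit_card_table(conn, today):
    """Return {finding: [row ids]} for the storage problems raised in the thread."""
    findings = {"cvv_stored": [], "pan_in_clear": [],
                "expired_retained": [], "removed_but_retained": []}
    rows = conn.execute(
        "SELECT id, ccnumber, expiry, cvv, status FROM cc ORDER BY id")
    for row_id, pan, expiry, cvv, status in rows:
        if cvv:                             # card verification value must not be kept
            findings["cvv_stored"].append(row_id)
        if pan and luhn_ok(pan):            # stored unencrypted, unhashed, untokenised
            findings["pan_in_clear"].append(row_id)
        year, month = (int(part) for part in expiry.split("-"))
        if (year, month) < (today.year, today.month):
            findings["expired_retained"].append(row_id)
        if status == "removed" and (pan or cvv):   # soft delete left the data behind
            findings["removed_but_retained"].append(row_id)
    return findings

def build_sample_db():
    """Constructed table: hypothetical names, published test card numbers, no real data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cc (id INTEGER PRIMARY KEY, ccnumber TEXT, expiry TEXT,"
                 " cvv TEXT, bank TEXT, name TEXT, addressid INTEGER, status TEXT)")
    conn.executemany("INSERT INTO cc VALUES (?,?,?,?,?,?,?,?)", [
        (1, "4111111111111111", "2007-03", "123", "Example Bank", "A. Tester", 10, "active"),
        (2, "5555555555554444", "2010-11", "456", "Example Bank", "B. Tester", 11, "removed"),
        (3, "tok_9f2c", "2010-01", None, "Example Bank", "C. Tester", 12, "active"),
    ])
    return conn

if __name__ == "__main__":
    for finding, ids in audit_card_table(build_sample_db(), date(2009, 4, 8)).items():
        print(f"{finding}: rows {ids}")
```

Row 3 shows the shape that passes every check: a token in place of the card number and no CVV column value at all.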

  20. #45
    Join Date
    Aug 2004
    Posts
    242
    Yeah, it sounds hard. Some proxies or zombies used by the hacker will not log activities, making his catch impossible if he's taken the required safety measures

    The isitetech.com web site still hosts the RAR file of the CC#. It's a web hosting company! Not very secure as a web host!

  21. #46
    Join Date
    Apr 2004
    Location
    UK
    Posts
    1,334
    Quote Originally Posted by tickedon View Post
    While I can appreciate that you now realise more db's and data was compromised than initially thought, I think it is only sensible now to work on the basis everything the hacker could have access to has been taken, until you have evidence to the contrary..
    Absolutely. This is the first mentality to adopt upon any sort of compromise like this; the most pessimistic and assuming the worst case scenario.
    Last edited by Jamie Edwards; 04-08-2009 at 06:50 AM.

  22. #47
    Join Date
    Jul 2002
    Location
    Victoria, Australia
    Posts
    36,939
    Quote Originally Posted by calande View Post
    I think this screenshot can prove useful. This is taken from Digital Point, a popular forum operated by a San Diego, CA company. The guys can locate the user using his IP address, and trace him.
    He/she posted similar here so we have those IPs.

  23. #48
    Join Date
    May 2004
    Location
    World Wide Web
    Posts
    1,195
    Which country do these IPs belong to btw, if you don't mind?
    RVH Cloud - Every day hosting solutions since 2003
    Shared Hosting Reseller Hosting VPS Dedicated Servers True 24 x 7 x 365 Support

  24. #49
    Join Date
    Jan 2004
    Location
    Oztrayla Mate!
    Posts
    583
    It's crazy that more info is posted elsewhere instead of here. If you were wondering what type of data may have been compromised with your CC details, the database schema is posted on DP:

    http://forums.digitalpoint.com/showt...php?p=11106540

    No point trying to hide it, the complete DB dumps are being handed around like candy. At least everyone can get an idea what was compromised now.

    Also the user table just contained the format:

    JohnDoe:johndoe@mail.com:66b69b3041e5c6a3a19e769cdc6bbf38:J_!
    Were there any street addresses etc.? No, not in the databases I encountered. I don't even know if WHT holds that info, but if they do it's probably best to assume someone has it somewhere.
    Last edited by 1boss1; 04-08-2009 at 07:09 AM.

  25. #50
    Join Date
    Oct 2005
    Location
    Six Degrees From You
    Posts
    1,079
    Quote Originally Posted by tickedon View Post
    The table holds the cc number, expiry, cvv, bank the card belongs to, name and "addressid".
    Why is iNet holding data that is illegal to store, the CVV?