Results 26 to 50 of 495
-
04-08-2009, 05:57 AM #26cout << m_subtitle;
- Join Date
- Jan 2007
- Location
- /dev/null
- Posts
- 3,700
You can find a lot of information (actually more PERSONAL, like addresses) about people by domain whois, google etc anyway. The password is a different story, but I really don't see myself using an important password for a forum like this. I use the password that I used here on a few forums only, nothing that I am worrying about.
The fact that the creditcard info was revealed could be a positive thing in 1 way, now creditcard companies are actually aware that it is possible to see huge CC frauds in the near future, if the hacker kept it all for himself, he could have done payments from all of these to buy everything out there (especially software, servers and other stuff that doesn't get delivered to an address), making it harder to proof fraude and people having no clue where it is coming from.0
-
04-08-2009, 06:04 AM #27Web Hosting Master
- Join Date
- Nov 2003
- Posts
- 1,093
Guys,
I think you 100% dropped the ball on this one and tried to retain trust at the expense of those with card information in your database.
If your database server is compromised, ANYTHING on it was potentially stolen. When this happened you should have come out and e-mailed all those with card information as urgent priority. Who cares that it hadn't been released by the hacker at the time, likely whatever the hacker has is going to be leaked out gradually. Is there anything else on your database server you haven't told us about?
I don't remember how the old syatem worked (haven't used it in awhile and paid by PayPal) but did we have to give you personal address information as well? If so are we now waiting for this dump to be leaked?0
-
04-08-2009, 06:06 AM #28Web Hosting Master
- Join Date
- Oct 2006
- Location
- /usr/src/linux/
- Posts
- 700
I would assume that most credit card details are expired by now, if indeed the data was from 2006/07
█ VPSnoc.com offers high quality Xen® OpenVZ & Windows® Virtual Private Servers at affordable prices.
█ 99.95% Uptime | 24/7/365 Support | Unmetered bandwidth.
█ Follow us: twitter.com/VPSnoc
0
-
04-08-2009, 06:11 AM #29Web Hosting Master
- Join Date
- Nov 2003
- Posts
- 1,093
Also, can we assume that the private message tables have been compromised and are likely the next things to be leaked? If the hacker is at all connected with this place they will likely know that people likely have some important and sensitive data stored there and would not want this to be distributed.
To me it looks like the hacker has taken a dump of everything and is gradually sifting through it to find whatever can cause the most outrage from the WHT users.0
-
04-08-2009, 06:12 AM #30Web Hosting Master
- Join Date
- Nov 2003
- Posts
- 1,093
0
-
04-08-2009, 06:13 AM #31Web Hosting Master
- Join Date
- Nov 2001
- Location
- London
- Posts
- 4,931
Dennis, this is not a dig aimed at you. I know you are the public face here and will probably take flak for the whole situation. I am posting to summarize my frustration and frustration from the others that we have talked to.
Who handles security for iNet? I have no doubt that this hacker is good, but unforgiveable mistakes were made.
We now have the difficult decision of things like HostingCon, now run by iNet. Typically we would pay for advance on our credit card to secure the best rates. I am definitely uneasy about doing so but I don't particularly want to be penalised for paying when I arrive with point of sale. Perhaps iNet could address this and allow those who've attended before to reserve a place?
We recently paid for some stickies using Paypal. Obviously we've changed our Paypal password but I am still uneasy knowing this could have also been compromised (your post at 7.14pm EST suggests more data could have been breached)? Can you clarify?Matthew Russell | Namecheap
Twitter: @mattdrussell
www.easywp.com - True Managed WordPress, made easy0
-
04-08-2009, 06:15 AM #32Newbie
- Join Date
- Mar 2006
- Location
- Blackpool, UK
- Posts
- 26
Questions you should be thinking about
1. Why were WHT storing CC details in plain text with no hashing / encryption?
2. Why were WHT storing CC details that had expired?
3. Why were they storing CV2 codes which are not required and not allowed to be stored?
4. Why wasn't the CC info stored on a separate none public system?
5. Why were WHT not PCI Compliant and following the guidelines that exist for securing customers ?CC info?
6. I believe there is a status field for each CC stored some say removed, which brings the question if a user opted for their card details to be removed why were they not totally removed from the db?
Clearly it shows an absolute total lack of concern for user’s security.
I would be surprised if iNet are not fined and taken to court over this.Chris Daley :: Dwebs Ltd :: Company No. 05603664 :: 0330 22 90 666
https://dhosting.uk - Web Hosting, Manged Servers, Email Hosting
My views are my own and not those of my company.0
-
04-08-2009, 06:17 AM #33Managed Hosting Expert
- Join Date
- Jan 2004
- Location
- North Yorkshire, UK
- Posts
- 4,164
I notice this post has been snipped. I would like to know why you (inet) are trying to hide the fact that you recorded the CV2 numbers of all of the cards concerned? Is that because it's illegal and you think you'll get away with it if you keep it under wraps?
Visa/Mastercard certainly know by now, so why hide it from your user base? It'll only make things worse when they sue you later (withholding information that could potentially have prevented fraud from taking place).
I've seen the data, there are cards (some still valid) belonging to pretty large companies in there. This isn't going to go away, be upfront with your user base and admit you dropped the ball.
You have the potential for a much better outcome that way.Last edited by dkitchen; 04-08-2009 at 06:22 AM.
█ Dan Kitchen | Technical Director | Razorblue
█ ddi: (+44) (0)1748 900 680 | e: dkitchen@razorblue.com
█ UK Intensive Managed Hosting, Clusters and Colocation.
█ HP Servers, Cisco/Juniper Powered BGP Network (AS15692).0
-
04-08-2009, 06:19 AM #34Web Hosting Master
- Join Date
- Apr 2004
- Location
- UK
- Posts
- 1,334
I am glad to see WHT back up so soon. Almost a whole day was pushing it for an addict
I guess the only way to know would be a case of waiting and seeing if anything else gets leaked (even then, this does not mean to say such data could be distributed privately). I had some sensitive data in private messages (some passwords) which I have changed, having shared your concerns..
» Kayako customer service software and live chat software- your customers deserve better than helpdesk
0
-
04-08-2009, 06:23 AM #35Web Hosting Master
- Join Date
- Nov 2003
- Posts
- 1,093
0
-
04-08-2009, 06:24 AM #36Wanna be a part?
- Join Date
- May 2004
- Location
- World Wide Web
- Posts
- 1,195
You may also like to see this - http://www.identitysecurityresource....screenshot.jpg
≡ RVH Cloud - Every day hosting solutions since 2003≡
★ Shared Hosting ★ Reseller Hosting ★ VPS ★ Dedicated Servers ★ True 24 x 7 x 365 Support0
-
04-08-2009, 06:28 AM #37Junior Guru
- Join Date
- Aug 2004
- Posts
- 242
I think this screenshot can prove useful. This is taken from Digital Point, a popular forum operated by a San Diego, CA company. The guys can locate the user using his IP address, and trace him.
0
-
04-08-2009, 06:28 AM #38Disabled
- Join Date
- Nov 2003
- Location
- Amidst several dimensions
- Posts
- 4,324
so he's saying that its not something related to wht, but the host has issues with their security ?
i want that bambino caught and sued.0
-
04-08-2009, 06:29 AM #390
-
04-08-2009, 06:31 AM #40Newbie
- Join Date
- Mar 2006
- Location
- Blackpool, UK
- Posts
- 26
Chris Daley :: Dwebs Ltd :: Company No. 05603664 :: 0330 22 90 666
https://dhosting.uk - Web Hosting, Manged Servers, Email Hosting
My views are my own and not those of my company.0
-
04-08-2009, 06:33 AM #41cout << m_subtitle;
- Join Date
- Jan 2007
- Location
- /dev/null
- Posts
- 3,700
0
-
04-08-2009, 06:37 AM #42
This is a flagrant PCI DSS (as well as common sense security) violation.
You should have told customers 2 weeks ago to cancel their cards, etc.. Then you would have taken the hit up front and trust would return.
But you have yourselves through your lack of actions broken the back of trust of your paying members.█ • UnderHost.com • Offshore Hosting Solutions and USA/Canadian based servers.
█ • 24/7 Rapid Support / 99.9% Uptime Guarantee / Shared / Cloud / VPS / Dedicated Servers
█ • Managed OnApp Cloud • USA Cloud Virtual Datacenter - Dedicated and Scalable Resources
█ • Hong Kong - Netherlands - Canada - Caribbean - United States - Russia •0
-
04-08-2009, 06:38 AM #43Wanna be a part?
- Join Date
- May 2004
- Location
- World Wide Web
- Posts
- 1,195
Looking into all the posts made by Demil1 earlier on DP, this users account was hacked by the hacker and than he posted the message that I shown in the screeshot.
He must be using multiple proxies etc. etc. to hide/protect his IP address so it is really hard to get anything out of it≡ RVH Cloud - Every day hosting solutions since 2003≡
★ Shared Hosting ★ Reseller Hosting ★ VPS ★ Dedicated Servers ★ True 24 x 7 x 365 Support0
-
04-08-2009, 06:41 AM #44Retired Moderator
- Join Date
- Oct 2003
- Location
- Scotland, UK
- Posts
- 2,916
This is quite embarassing for iNet
The table holds the cc number, expiry, cvv, bank the card belongs to, name and "addressid". If the hacker has a copy of the CC table, do they also have a copy of the address table? Is there anything to suggest they don't have a copy of the table? While I can appreciate that you now realise more db's and data was compromised than initially thought, I think it is only sensible now to work on the basis everything the hacker could have access to has been taken, until you have evidence to the contrary.
If there is *one* good thing, the majority of the cards seem to be expired.Alasdair
Long time ex-host, ex-billing software owner/developer/support staff. Recent lurker.0
-
04-08-2009, 06:42 AM #45Junior Guru
- Join Date
- Aug 2004
- Posts
- 242
Yeah, it sounds hard. Some proxies or zombies used by the hacker will not log activities, making his catch impossible if he's taken the required safety measures
The isitetech.com web site still hosts the RAR file of the CC#. It's a web hosting company! Not very secure as a web host!0
-
04-08-2009, 06:47 AM #46Web Hosting Master
- Join Date
- Apr 2004
- Location
- UK
- Posts
- 1,334
0
-
04-08-2009, 06:51 AM #470
-
04-08-2009, 06:54 AM #48Wanna be a part?
- Join Date
- May 2004
- Location
- World Wide Web
- Posts
- 1,195
Which country these IPs belong to btw, if you don't mind?
≡ RVH Cloud - Every day hosting solutions since 2003≡
★ Shared Hosting ★ Reseller Hosting ★ VPS ★ Dedicated Servers ★ True 24 x 7 x 365 Support0
-
04-08-2009, 06:57 AM #49Web Hosting Master
- Join Date
- Jan 2004
- Location
- Oztrayla Mate!
- Posts
- 583
It's crazy that more info is posted elsewhere instead of here. If you were wondering what type of data may of been compromised with your CC details, the database schema is posted on DP:
http://forums.digitalpoint.com/showt...php?p=11106540
No point trying to hide it, the complete DB dumps are being handed around like candy. At least everyone can get an idea what was compromised now.
Also the user table just contained the format:
JohnDoe:johndoe@mail.com:66b69b3041e5c6a3a19e769cdc6bbf38:J_!Last edited by 1boss1; 04-08-2009 at 07:09 AM.
0
-
04-08-2009, 06:59 AM #50Disabled
- Join Date
- Oct 2005
- Location
- Six Degrees From You
- Posts
- 1,079
0