McBradders
NeoGAF: my new HOME
From the ShopTo forums;
EDIT: Beaten twice
EDIT: Beaten twice
Clearly a conspiracy. Damn those fraudulent Germans!kamorra said:wat
They don't believe that do they? A massive attempt by German customers to fraudulently claim against them??
kamorra said:How do you know if there was a leak at shopto? What about play.com? I use both.
Dazzyman said:Thats why its always best no matter how good you are with your card details to always keep an eye on your account and if you get a £1 transaction going out you dont know about phone bank up.
Well, look on the bright side.Fizzle said:Deleted my card.
I looked at my bank balance now, "Available Balance - £-8.57", but that's my bad. :lol
Being young and jobless comes with a price. =[
forum.shopto.net said:As explained above rest assured the leak has not come from us. Just so people know a little more, one of the security measures mentioned is McAfee secure which scans the website twice a day to ensure there is no suspicious activity. If you click the McAfee logo on the front page it explains this in more detail and confirms our security.
We're getting in touch with those who deal with our certificate now for an explanation as to why it would say anywhere that we're not secure when we are. If any issues were ever to occur though they would be in touch with us right away, which they've not been.
Security is always of the highest priority, as the systems we have in place and our company policies reflect, and it's something we'll never stop working on to ensure our customers are safe.
- ShopTo Support Team
Someone on another board said that they updated their SSL certificate after the downtime. So much for that, shopto! *rolleyes*Benson said:back up again now
dk_ said:Someone in another board said that they updated their SSL certificate after the downtime. So much for that, shopto! *rolleyes*
Don't you have online account on HSBC? You can check your statements online.ice cream said:So how do I check my statement? I have debit card with HSBC, do I phone them and just ask..? Sorry I'm 16 and fairly new to all this banking business...
***UPDATE***
A quick update:
We've been in touch and they've re-issued the certificate (which is why the website was down for a couple of minutes), as you can see all is fine:
broadwayrock said:Sendit have nothing to do with Shopto.
They are run by TheHut.com:
http://en.wikipedia.org/wiki/Thehut
By Ry Crozier
20 March 2009 03:36PM
A defunct payment gateway has exposed as many as 19,000 credit card numbers, including up to 60 Australian numbers.
The discovery by a local IT industry worker was made by mistake.
Apart from being the result of poor security, it may also have been aided by a side-effect of the Google search engine, in which the pages of defunct web sites containing sensitive directories remain cached and available to anyone.
The cached data, viewed by iTnews, includes 22,000 credit card numbers, including CVVs, expiry dates, names and addresses.
Up to 19,000 of these numbers could be active. Most are customers in the US and Britain although some are Australian.
The credit card numbers are for accounts held with Visa, Mastercard, American Express, Solo, Switch, Delta and Maestro/Cirrus.
Within the address bars of the cached pages are URLs of companies, including UK retailers of laboratory supplies, sports and health goods, apparel, photo imaging and clothing.
"I received a Google Alert for a name," said the worker who discovered the problem, speaking on condition of anonymity to iTnews.
"The alert started with a bunch of other numbers, so I went to the web page and it was just a virtual directory listing with a bunch of directories underneath and a load of files inside."
"It looks like the site might have been a payment processing gateway that handled credit card transactions for a bunch of websites before it went belly-up," the worker speculated.
The worker tried to report the find immediately to Visa and Mastercard, which have the lion's share of card numbers, but said neither returned calls.
iTnews has contacted the credit card providers for comment.
"We're investigating this report as a matter of priority, but it's too early to make any further comment," said a spokesperson for Visa.
The information will be handed to police tonight, the worker said.
Seems to be panic caused by the story and people seeing the screwed SSL cert at the same time.VibratingDonkey said:So basically, there was no Shopto.net leak?
Yeah, I can see this hurting sales alot.GarthVaderUK said:I feel kinda bad for ShopTo now! They've always been very quick with my orders, I hope they cope OK through this.
lockload said:Well ive used shopto for years
The original article on this was from early march the cards included american express cards which shopto dont even accept
broadwayrock said:Sendit have nothing to do with Shopto.
They are run by TheHut.com:
http://en.wikipedia.org/wiki/Thehut