Battlefront.com Posted March 26, 2010 Share Posted March 26, 2010 The most critical info a customer could ever fear having exposed is credit card info. Fortunately, that is never, ever, ever, EVER on our server. Not even for a milisecond. And kids... it's for exactly this reason you should hope everybody is as careful about this as we are It is possible that the hacker got your email addresses. We're not exactly sure if he could have done that or not. Of course getting email addresses is pretty easy to do. I have received a ton of emails from people I know that aren't legit. Fortunately neither is the English used We think the hacker didn't get the emails, though. For sure he didn't specifically email any of you rather he told our store to email all users with his message. With the type of breach we had it's possible that's all he was able to do. It's unlikely he got people's mailing address information. It's purposefully stored in a very convoluted way that requires having a completely functional copy of our entire database. It is possible he took the time to do this, but we don't think that was on his ToDo List. He'd also have to query for individual addresses (I think!) and I doubt that would be worth his time to mess with. Passwords are all stored encrypted so they are all safe. We think his primary goal was to blackmail us and to cause enough havoc to convince us to pay up. I'm sure if he could have got credit card info he would have loved that. We're happy to disappoint! Steve 0 Quote Link to comment Share on other sites More sharing options...
Michael Emrys Posted March 26, 2010 Share Posted March 26, 2010 Considering your recent track record, I won't hold my breath for it. I'll believe it when I see it. Such distrust. Tsk, tsk, tsk. Personally, I think you should show more faith and stop breathing. Michael 0 Quote Link to comment Share on other sites More sharing options...
Copper Posted March 26, 2010 Share Posted March 26, 2010 I though Battlefront went off line in a secret move to release CM Normandy! 0 Quote Link to comment Share on other sites More sharing options...
Copper Posted March 26, 2010 Share Posted March 26, 2010 I did get the email that you we speaking of Steve. I though it was really weird and did not take any action. That email has since disappeared from my computer. 0 Quote Link to comment Share on other sites More sharing options...
Wicky Posted March 26, 2010 Share Posted March 26, 2010 No e-mail at my end - Though having a .mac.com address might have helped... 0 Quote Link to comment Share on other sites More sharing options...
pad152 Posted March 26, 2010 Share Posted March 26, 2010 The most critical info a customer could ever fear having exposed is credit card info. Fortunately, that is never, ever, ever, EVER on our server. Not even for a milisecond. And kids... it's for exactly this reason you should hope everybody is as careful about this as we are It is possible that the hacker got your email addresses. We're not exactly sure if he could have done that or not. Of course getting email addresses is pretty easy to do. I have received a ton of emails from people I know that aren't legit. Fortunately neither is the English used We think the hacker didn't get the emails, though. For sure he didn't specifically email any of you rather he told our store to email all users with his message. With the type of breach we had it's possible that's all he was able to do. It's unlikely he got people's mailing address information. It's purposefully stored in a very convoluted way that requires having a completely functional copy of our entire database. It is possible he took the time to do this, but we don't think that was on his ToDo List. He'd also have to query for individual addresses (I think!) and I doubt that would be worth his time to mess with. Passwords are all stored encrypted so they are all safe. We think his primary goal was to blackmail us and to cause enough havoc to convince us to pay up. I'm sure if he could have got credit card info he would have loved that. We're happy to disappoint! Steve It's not just email addressed exposed, the email I got contained my full name and address. Already today I got phishing emails from the IRS, CitiBank, US Census, etc, things I normally don't get!!!! 0 Quote Link to comment Share on other sites More sharing options...
GraemeA Posted March 26, 2010 Share Posted March 26, 2010 This is a screenshot of the email I got (no names and addresses in mine): 0 Quote Link to comment Share on other sites More sharing options...
Battlefront.com Posted March 27, 2010 Share Posted March 27, 2010 Yes, the hacker did get quite a bit of stuff none of us are happy he got. There is no ifs, ands, or buts about it... this definitely sucks. However, the information he did get is generally available to SPAMers and Phishers through various other means. These things come in waves. For example, a few weeks ago I got spoof emails from email addresses of people I know. Several a day for a while, likely from an email address book virus. Since then I've got not a single spoofed email. Fortunately for everybody, the most important stuff that a hacker could possibly get is literally not on our server. Credit card information being the most important of the important. The rest are very sensitive processes that are hosted by other services. I don't want to go into details about this aspect, but I can say that it helps that a hacked server was anticipated when we set up various things. Given enough time and enough luck, no server is safe. Look at Twitter... hacked this past week and even President Obama's account was raided. I bet you Twitter's IT department is a little larger and better funded than ours At least we made it 10 years before we experienced a significant breach. Steve 0 Quote Link to comment Share on other sites More sharing options...
Canada Guy Posted March 27, 2010 Share Posted March 27, 2010 I also got the email but have not been hit with too many phishing expeditions yet. I work at a large university and these attempts happen on a regular basis. Oh well, better now than 2 months ago when you were not prepared with your new server. In think many of us are upset because of the attack but even more annoyed that it took time away from your already booked schedule. It is not like you have much time to spare with everyone demanding something from you. I am curious though, after a hard day at work I can come home and get an hour of CM in but when you go home do you shut the door to the world and do someones taxes or go off to a quarry for some hard physical labour? 0 Quote Link to comment Share on other sites More sharing options...
YankeeDog Posted March 27, 2010 Share Posted March 27, 2010 I am curious though, after a hard day at work I can come home and get an hour of CM in but when you go home do you shut the door to the world and do someones taxes or go off to a quarry for some hard physical labour? Steve lives in rural Maine. After a long day of work on CM, he has to shovel snow and forage for firewood on his weasel whilst fighting off rampaging giant moose armed only with a sharpened pine branch. In the (brief) summer, he doesn't have to deal with the snow, but does have to deal with the massive clouds of blackflies. 0 Quote Link to comment Share on other sites More sharing options...
Elmar Bijlsma Posted March 27, 2010 Share Posted March 27, 2010 Steve is minus his Weasel, IIRC. Which frees up his time for producing a bone. I have heard of subtlety. Never took to it. 0 Quote Link to comment Share on other sites More sharing options...
Battlefront.com Posted March 27, 2010 Share Posted March 27, 2010 I did split late season firewood yesterday, yes indeed. But in my mind I wasn't splitting wood, if you get what I mean. Heeeeeeeeere's Johnny! Steve 0 Quote Link to comment Share on other sites More sharing options...
Frenchy Posted March 28, 2010 Share Posted March 28, 2010 Tried reseting my customer account password as specified but have not received any email. Been over eight hours. Checked spam folder and it is empty. Hesitiant to try again. What's the next step? 0 Quote Link to comment Share on other sites More sharing options...
Eagle2 Posted March 28, 2010 Share Posted March 28, 2010 Tried reseting my customer account password as specified but have not received any email. Been over eight hours. Checked spam folder and it is empty. Hesitiant to try again. What's the next step? I've had the same problem mate. I don't know whats wrong with it, hopefully it sends soon... 0 Quote Link to comment Share on other sites More sharing options...
Battlefront.com Posted March 28, 2010 Share Posted March 28, 2010 It's probably hung up before it gets to your own personal SPAM filter. A lot of servers are really hesitant to pass through automated emails. Usually they get freed at some point. The important short term thing is that your password has been reset even if you haven't received the confirmation email. Obviously that doesn't help you out much if you need to get into your account! Check back in tomorrow and we'll try and help you out if your confirmations didn't show up. Steve 0 Quote Link to comment Share on other sites More sharing options...
Runaway!!! Posted March 28, 2010 Share Posted March 28, 2010 How do we know you're really Steve? =/ What's the missing eight letter word? Space _ _ _ _ _ _ _ _ 0 Quote Link to comment Share on other sites More sharing options...
Pvt. Ryan Posted March 28, 2010 Share Posted March 28, 2010 So, what, if anything, changed while the forum was down for maintenance today? 0 Quote Link to comment Share on other sites More sharing options...
Berto Posted March 28, 2010 Share Posted March 28, 2010 Tried reseting my customer account password as specified but have not received any email. Been over eight hours. Checked spam folder and it is empty. Hesitiant to try again. +1 , but usually I get mail from your address sales .... 0 Quote Link to comment Share on other sites More sharing options...
Nicdain Posted March 28, 2010 Share Posted March 28, 2010 Tried reseting my customer account password as specified but have not received any email. Been over eight hours. Checked spam folder and it is empty. Hesitiant to try again. Same here, I've tried twice but none of the message have been delivered. 0 Quote Link to comment Share on other sites More sharing options...
LukeFF Posted March 28, 2010 Share Posted March 28, 2010 Mr. hacker himself was in here as well just a day or two ago, but the message was quickly deleted. Claims he's not a hacker but "a pro who analyzes security weaknesses in servers for a fee." Yeah, right. 0 Quote Link to comment Share on other sites More sharing options...
Elmar Bijlsma Posted March 28, 2010 Share Posted March 28, 2010 It may not be your local spam filter it got caught in, but that of your ISP. 0 Quote Link to comment Share on other sites More sharing options...
jcmil Posted March 28, 2010 Share Posted March 28, 2010 Just wanted to say my forum account updated the password almost instantly but I'm still waiting for something from the customer account. Checked all possible folders on the mail server. OK it hasn't been 24 hours yet, but still makes me wonder.....:confused: 0 Quote Link to comment Share on other sites More sharing options...
Michael Emrys Posted March 28, 2010 Share Posted March 28, 2010 I did split late season firewood yesterday, yes indeed. But in my mind I wasn't splitting wood, if you get what I mean. Heeeeeeeeere's Johnny! Always worked for me. Thirty-five years ago I was living in a cabin in the mountains and my primary heat source was a wood burning stove. I would haul dead trees out of the canyon below my house and cut them up with a hand saw. That was hard work, let me tell you, to draw on an inner energy source and motivate myself, I would imagine that I was sawing through the neck of someone I particularly disliked. I always felt very refreshed afterwards, very cleansed. And I never ran out of firewood. Michael 0 Quote Link to comment Share on other sites More sharing options...
Frenchy Posted March 28, 2010 Share Posted March 28, 2010 Still nothing on my end. Nothing in spam folder either. Have not had problem with auto email from BFC until hack issues. Appreciate any help! It's probably hung up before it gets to your own personal SPAM filter. A lot of servers are really hesitant to pass through automated emails. Usually they get freed at some point. The important short term thing is that your password has been reset even if you haven't received the confirmation email. Obviously that doesn't help you out much if you need to get into your account! Check back in tomorrow and we'll try and help you out if your confirmations didn't show up. Steve 0 Quote Link to comment Share on other sites More sharing options...
Elmar Bijlsma Posted March 28, 2010 Share Posted March 28, 2010 Hmmm, strange, customer account reset does not appear to work. Nothing on my gmail account so far either. 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.