Submit News Contact Us Translate Sign in Join

TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

There is more to Transformers than movies, cartoons, comics and toys. Discuss anything else Transformers here.

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby robofreak » Fri Mar 09, 2012 7:20 pm

TransBat wrote:I've been watching all of my funds like a hawk since Seibertron first alerted us to the issue, and found out this evening that I too am now another victim of the security breach. Keep close tabs on your funds everyone - the card in question (which has now been cancelled) was only used once when I went to my first/only BotCon in 2010 :(



Wait, are you sure that card was only used for Botcon 2010? If that's the case, then the breach in security has been going longer than just this incident.
Burn wrote:robofreak doesn't joke. He's all about the serious business of the internet.


ItIsHim wrote:My closet is filled to the brim with plastic children's toys. For myself
robofreak
City Commander
Posts: 3147
News Credits: 13
Joined: Tue Jun 10, 2008 9:05 pm
Location: Phoenix

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby TransBat » Fri Mar 09, 2012 7:27 pm

My apologies, I just went back and reviewed my records, and the cancelled card in question was actually used twice at the TransFormers Collectors Club, once for BotCon 2010, and then late April 2011 for 4 deluxe Generations figures that were on sale at the time. I believe it was mentioned (or was it surmised?) that the hackers potentially had access to all previous records, hence the recommendations to cancel any card used with the Club in general.
TransBat
Micromaster
Posts: 69
News Credits: 1
Joined: Thu May 24, 2007 7:05 am
Location: Gainesville, FL

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Seibertron » Sat Mar 10, 2012 1:03 am

Motto: "Tell my tale to those who ask. Tell it truly; the ill deeds along with the good, and let me be judged accordingly. The rest ... is silence."
Weapon: Twin Shock-Concussion Missiles
chuckdawg1999 wrote:Food for thought. When Hasbro pulled the license from 3H FunPub was already in the picture since they were doing JoeCon. There isn't anyone in the picture now to take over for FunPub and more importantly, who would want to?


CybertronCon is looking pretty good to me right about now. The people that are running that have been great to work with. They treat us with respect, present us with interview, photo, and press opportunities, get us into events as media, and seem to be doing what they should be doing with sites like Seibertron.com. You know ... actual public relations. Hopefully Hasbro is taking note.
Image

Current Want List: Beast Wars Returns Strika, Sixknight (stickers or replacement), Browning, Dai Atlas, Guard City, Battle Gaia, Marlboro Wheeljack, and more!
User avatar
Seibertron
Site Owner
Posts: 23360
News Credits: 753
Joined: Mon Sep 24, 2001 5:17 pm
Location: Chicago
Watch Seibertron on YouTube
Buy from Seibertron on eBay
Strength: 10
Intelligence: 9
Speed: 7
Endurance: 9
Rank: 10+
Courage: 8
Firepower: 5
Skill: 10+

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Burn » Sat Mar 10, 2012 1:26 am

When FunPub got the licence, their tech was most likely up to date.

They just neglected to move with the times.
User avatar
Burn
Forum Admin
Posts: 38346
News Credits: 59
Joined: Mon Jun 30, 2003 2:37 am

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Seibertron » Sat Mar 10, 2012 1:34 am

Motto: "Tell my tale to those who ask. Tell it truly; the ill deeds along with the good, and let me be judged accordingly. The rest ... is silence."
Weapon: Twin Shock-Concussion Missiles
Burn wrote:When FunPub got the licence, their tech was most likely up to date.

They just neglected to move with the times.


You mean when they got the G.I. Joe license? :D
Image

Current Want List: Beast Wars Returns Strika, Sixknight (stickers or replacement), Browning, Dai Atlas, Guard City, Battle Gaia, Marlboro Wheeljack, and more!
User avatar
Seibertron
Site Owner
Posts: 23360
News Credits: 753
Joined: Mon Sep 24, 2001 5:17 pm
Location: Chicago
Watch Seibertron on YouTube
Buy from Seibertron on eBay
Strength: 10
Intelligence: 9
Speed: 7
Endurance: 9
Rank: 10+
Courage: 8
Firepower: 5
Skill: 10+

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Burn » Sat Mar 10, 2012 1:54 am

Yeah well that's probably more accurate considering for the first five years when I was a member they had to process my credit card manually every time because their check out system had trouble with some foreign cards.
User avatar
Burn
Forum Admin
Posts: 38346
News Credits: 59
Joined: Mon Jun 30, 2003 2:37 am

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Oilspill » Sat Mar 10, 2012 4:23 am

My bank just detected fraudulent activity on my card last night, so be warned that if you thought the fraudsters hadn't got a hold of your card details, they probably have, they just may not have tried it yet.

I've regularly used this card all over the net for 5 years and never had a problem, then join TFCC a couple of months back and now it has been compromised.

I won't be rejoining unless they offer a more secure payment method like paypal.
Image
User avatar
Oilspill
Transmetal Warrior
Posts: 809
News Credits: 5
Joined: Wed Dec 05, 2007 11:29 pm
Location: Western Australia

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby chuckdawg1999 » Sat Mar 10, 2012 5:33 pm

Motto: "The man, the myth, the legend... yeah right."
Weapon: Saber Blade
My check has cleared so I'm officially a member for 2012. Depending how things go this really might be my last year.
Image
Image
User avatar
chuckdawg1999
City Commander
Posts: 3414
News Credits: 39
Joined: Wed May 26, 2004 3:51 pm
Location: New York
Watch chuckdawg1999 on YouTube
Buy from chuckdawg1999 on eBay
Strength: 10
Intelligence: 10
Speed: 10
Endurance: 10
Rank: 10
Courage: 10
Firepower: 10
Skill: 10

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby autobot_goldbug » Sat Mar 10, 2012 8:54 pm

Oilspill wrote:I won't be rejoining unless they offer a more secure payment method like paypal.


That isn't more secure though. I had someone from Australia pay me for some Transformers. However my payment ended up in Malaysia instead.

I hope everyone that gets fraudulent charges does contact Fun Pub and Hasbro.
Also it wouldn't hurt to file a complaint with the BBB.org.
User avatar
autobot_goldbug
Mini-Con
Posts: 42
Joined: Sun Apr 04, 2004 3:56 pm

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Seibertron » Sat Mar 10, 2012 9:30 pm

Motto: "Tell my tale to those who ask. Tell it truly; the ill deeds along with the good, and let me be judged accordingly. The rest ... is silence."
Weapon: Twin Shock-Concussion Missiles
Do any of the following complaints though actually depict what has happened to us as consumers? Or rather ... which complaint best summarizes what has been your experience?

  • ---- Please Select the Nature of your Complaint --
  • Advertising Issues - An advertisement misrepresenting a product
  • Advertising Issues - An advertisement misrepresenting a service
  • Advertising Issues - A bait & switch advertisement
  • Advertising Issues - An advertising price the seller will not honor
  • Advertising Issues - An advertising term the seller will not honor
  • Advertising Issues - An advertisement that failed to disclose all conditions required to take advantage of an offer
  • Advertising Issues - An advertisement of a product that is not available
  • Advertising Issues - An advertisement of a service that is not available
  • Advertising Issues - An advertisement with unrealistic/unsubstantiated claims
  • Billing or Collection Issues - The company has failed to correct billing errors
  • Billing or Collection Issues - The company has processed an unauthorized credit card charges
  • Billing or Collection Issues - The company has processed an unauthorized bank debit
  • Billing or Collection Issues - The company has failed to provide itemized billing
  • Billing or Collection Issues - The company has failed to provide an explanation of charges
  • Billing or Collection Issues - The company has unethical collection practices
  • Contract Issues - The authenticity or validity of a contract is in question
  • Contract Issues - Work performed was outside the terms of the contract or agreement
  • Contract Issues - A failure to honor a contract or agreement
  • Contract Issues - Unauthorized changes to the contract or agreement
  • Customer Service Issues - Customer service failed to provide assistance
  • Customer Service Issues - The failure to respond to phone calls or written requests for assistance or support
  • Customer Service Issues - The inappropriate behavior by customer service personnel
  • Delivery Issues - The late delivery of products
  • Delivery Issues - The late delivery of services
  • Delivery Issues - The non-delivery of products
  • Delivery Issues - The non-delivery of services
  • Delivery Issues - A delivery regarding receipt of unordered products
  • Delivery Issues - A delivery regarding receipt of unordered services
  • Guarantee Or Warranty Issues - A failure to honor money-back guarantees
  • Guarantee Or Warranty Issues - A failure to honor service under the terms of warranties
  • Guarantee Or Warranty Issues - A dispute regarding the warranty coverage and/or terms
  • Guarantee Or Warranty Issues - The failure to provide a promised written warranty or guarantee
  • Product Issues - The product I purchased was defective
  • Refund / Exchange Issues - The company failed to honor their policy regarding refund, exchange or credit
  • Refund / Exchange Issues - The company failed to honor a verbal commitment to provide refunds, exchanges, or credit
  • Repair Issues - An improper or inferior repair
  • Repair Issues - An unreasonable or excessive delay in completing a repair
  • Repair Issues - An unauthorized repair
  • Repair Issues - The repairs resulted in additional damage
  • Repair Issues - The failure to provide an invoice or estimate for repair upon request
  • Repair Issues - The failure to honor a repair estimate or agreement
  • Repair Issues - The failure to honor an advaced request to return the parts
  • Sales Issues - A sales presentation that misrepresents the product
  • Sales Issues - A sales presentation that misrepresents the service
  • Sales Issues - A sales presentation with unethical sales practices
  • Sales Issues - A sales presentation with high pressure sales
  • Sales Issues - A sales presentation that had a verbal representation not consistent with the written agreement
  • Sales Issues - A sales presentation not consistent with the advertisement
  • Sales Issues - A sales presentation that failed to disclose key conditions of the offer
  • Sales Issues - A sales presentation that did not disclose complete pricing information
  • Service Issues - An improper or inferior service
  • Service Issues - An unreasonable or excessive delay in completing service
  • Service Issues - An unauthorized service
  • Service Issues - The services provided resulted in additional damage
  • Service Issues - The failure to provide an invoice or written estimate for service upon request
  • Service Issues - The failure to honor a service estimate or agreement
Image

Current Want List: Beast Wars Returns Strika, Sixknight (stickers or replacement), Browning, Dai Atlas, Guard City, Battle Gaia, Marlboro Wheeljack, and more!
User avatar
Seibertron
Site Owner
Posts: 23360
News Credits: 753
Joined: Mon Sep 24, 2001 5:17 pm
Location: Chicago
Watch Seibertron on YouTube
Buy from Seibertron on eBay
Strength: 10
Intelligence: 9
Speed: 7
Endurance: 9
Rank: 10+
Courage: 8
Firepower: 5
Skill: 10+

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Banjo-Tron » Sun Mar 11, 2012 3:52 am

Motto: "My banjo is everything; defeat is ukelele"
1) Billing or Collection Issues - The company has unethical collection practices

It depends what is meant by 'collection' in this context, but you could argue that not making best effort to encrypt customer data falls under ethics

2)
Service Issues - An improper or inferior service


'Improper' because their service broke, 'inferior' because it is such an antiquated UI and Backend

3)
Service Issues - An unauthorized service


Not sure if this could be interpreted to include unauthorised transactions

Of these 3, I would go for number 2, as it seems to fit the best.
User avatar
Banjo-Tron
Godmaster
Posts: 1690
News Credits: 2
Joined: Wed Oct 19, 2011 6:51 am
Location: UK, Surrey

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby El Duque » Tue Mar 27, 2012 6:16 pm

Motto: "I ain't got time to bleed!"
Weapon: Gattling Gun
Fun Publications/TFCC have issued the following update regarding their recent security issues.

Image


Here is the latest update on the credit card security investigation.

The firm we have hired to analyze our former ecommerce server and software has preliminarily determined that we did incur a SQL injection code attack sometime before Christmas. Our ISP did have a commercial product installed that was supposed to defeat these types of attacks, but apparently it failed.

This allowed the hackers access to our order information. While it is still unknown exactly what data they were able to harvest (investigation continues) we need to assume that they were able to extract all of our order information. The security firm thinks that this attack has allowed the hackers to come back periodically and harvest more information. However, once the old server was taken out of service (around February 21st) there was nothing left for them to access.

Once this information was stolen, (no matter if it was back before Christmas) there is no time frame as to when the thieves may sell or try to use the information to purport credit card theft.

What does this mean to me?

We are asking again that anyone who has used a credit card in our old online systems in the past year (NOT THE NEW STORE) to get your card replaced immediately. If you have done this already, there is no action required on your part.

We apologize for the inconvenience, we know this whole thing is a pain, but it is better to replace the cards than have to deal with any issues that may result from this theft of data. Even though the amount of fraud has greatly declined, we are still receiving a customer report every few days of someone else (who hasn’t replaced their cards) getting hit. We strongly encourage you to take this step immediately if you have not done so already. Again, this DOES NOT pertain to any cards that have been used in the new store.

What is the plan?

We are still working on all of the issues and are several weeks away from a final resolution. Our new store is currently offline while we complete the entries and audit the data from the renewals we received last week. Just to reiterate, this new store is a totally different piece of software, at a totally different hosting site. There are hundreds of other retailers using this same software as it is hosted by the software creators.

We hope to have the store online and registration system back online sometime next week. When the store comes back online, we will be adding products slowly so it will take some time to have everything back in the store.

Thank you for your patience and support during this trying issue.

Brian
User avatar
El Duque
Matrix Keeper
Posts: 9913
News Credits: 89
Joined: Sun Apr 01, 2007 8:57 pm
Location: tornado alley

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby ubertenorman » Tue Mar 27, 2012 6:44 pm

Weapon: Double Beam Guns
This is the kind of correspondance that should have happened a month ago.
Image
User avatar
ubertenorman
Fuzor
Posts: 225
News Credits: 2
Joined: Sat Sep 11, 2010 5:23 pm
Buy from ubertenorman on eBay
Strength: 6
Intelligence: 8
Speed: 4
Endurance: 7
Rank: 8
Courage: 9
Firepower: 3
Skill: 9

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby triKlops » Tue Mar 27, 2012 6:54 pm

Motto: "I’m the rising sun, I’m the new tomorrow, I’m the skull on the gun, I’m the song of sorrow; I’m the thirteenth arrow, I’m the wisest owl, I’m a soul-eating predator, I’m on the prowl"
Weapon: Energo-Sword
agreed
Image
User avatar
triKlops
Headmaster
Posts: 1019
News Credits: 3
Joined: Tue Jan 19, 2010 1:35 am
Location: Rhode Eye Land

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Emperor Galvatron » Tue Mar 27, 2012 7:28 pm

Weapon: Fusion Cannon
El Duque wrote:Fun Publications/TFCC have issued the following update regarding their recent security issues.

Image


Here is the latest update on the credit card security investigation.

The firm we have hired to analyze our former ecommerce server and software has preliminarily determined that we did incur a SQL injection code attack sometime before Christmas. Our ISP did have a commercial product installed that was supposed to defeat these types of attacks, but apparently it failed.

This allowed the hackers access to our order information. While it is still unknown exactly what data they were able to harvest (investigation continues) we need to assume that they were able to extract all of our order information. The security firm thinks that this attack has allowed the hackers to come back periodically and harvest more information. However, once the old server was taken out of service (around February 21st) there was nothing left for them to access.

Once this information was stolen, (no matter if it was back before Christmas) there is no time frame as to when the thieves may sell or try to use the information to purport credit card theft.

What does this mean to me?

We are asking again that anyone who has used a credit card in our old online systems in the past year (NOT THE NEW STORE) to get your card replaced immediately. If you have done this already, there is no action required on your part.

We apologize for the inconvenience, we know this whole thing is a pain, but it is better to replace the cards than have to deal with any issues that may result from this theft of data. Even though the amount of fraud has greatly declined, we are still receiving a customer report every few days of someone else (who hasn’t replaced their cards) getting hit. We strongly encourage you to take this step immediately if you have not done so already. Again, this DOES NOT pertain to any cards that have been used in the new store.

What is the plan?

We are still working on all of the issues and are several weeks away from a final resolution. Our new store is currently offline while we complete the entries and audit the data from the renewals we received last week. Just to reiterate, this new store is a totally different piece of software, at a totally different hosting site. There are hundreds of other retailers using this same software as it is hosted by the software creators.

We hope to have the store online and registration system back online sometime next week. When the store comes back online, we will be adding products slowly so it will take some time to have everything back in the store.

Thank you for your patience and support during this trying issue.

Brian


So if they have all of our order information, they also have our names, ages, addresses, etc that was stored on their site.

Well, that's just peachy.

Hey, cancel your credit cards, never mind the identity theft potential. Disregard the man behind the curtain. :HEADHURTS:
Image
Emperor Galvatron
Gestalt
Posts: 2267
News Credits: 3
Joined: Sun Aug 24, 2003 6:06 pm
Buy from Emperor Galvatron on eBay
Strength: 8
Intelligence: 8
Speed: 2
Endurance: 6
Rank: 8
Courage: 9
Firepower: 6
Skill: 8

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby autobot_goldbug » Tue Mar 27, 2012 7:32 pm

There was also this bizarre occurrence...
http://www.tfw2005.com/boards/transform ... ost7449720
User avatar
autobot_goldbug
Mini-Con
Posts: 42
Joined: Sun Apr 04, 2004 3:56 pm

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Stormrider » Tue Mar 27, 2012 7:49 pm

Weapon: Atom-Smasher Cannon
I am not happy for several reasons. How could their security fail and no one noticed it for several months? I still think they are still down playing the threat. The thieves may have had access to our addresses and DOB. They really should be telling people watch your credit reports like a hawk. Fraudulent charges on your credit card are easy to spot. Identity theft and new credit cards that get opened fraudulently in your name using your stolen DOB is not so easy to spot.
Image
Stormrider
Matrix Keeper
Posts: 8608
News Credits: 37
Joined: Tue Mar 14, 2006 5:24 am
Location: USA

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby datguy86 » Tue Mar 27, 2012 7:53 pm

Motto: "SHEEAGH!"
You can add me to the growing list of people who've been hit. Card's canceled, all items are not my fault - but all signs point to FunPub.
Image

Actively Searching: Universe 2.0 Ratchet, Universe 2.0 Inferno, Hasbro Masterpiece Starscream
datguy86
Vehicon
Posts: 395
News Credits: 1
Joined: Tue Jun 14, 2011 12:18 pm
Location: Pennsyltucky
Strength: 5
Intelligence: 7
Speed: 4
Endurance: 5
Rank: 3
Courage: 8
Firepower: 5
Skill: 6

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Rated X » Tue Mar 27, 2012 7:58 pm

Motto: ""Assumption is the mother of all screw ups.""
Weapon: Saw-Edged Pincer
Emperor Galvatron wrote:
El Duque wrote:Fun Publications/TFCC have issued the following update regarding their recent security issues.

Image


Here is the latest update on the credit card security investigation.

The firm we have hired to analyze our former ecommerce server and software has preliminarily determined that we did incur a SQL injection code attack sometime before Christmas. Our ISP did have a commercial product installed that was supposed to defeat these types of attacks, but apparently it failed.

This allowed the hackers access to our order information. While it is still unknown exactly what data they were able to harvest (investigation continues) we need to assume that they were able to extract all of our order information. The security firm thinks that this attack has allowed the hackers to come back periodically and harvest more information. However, once the old server was taken out of service (around February 21st) there was nothing left for them to access.

Once this information was stolen, (no matter if it was back before Christmas) there is no time frame as to when the thieves may sell or try to use the information to purport credit card theft.

What does this mean to me?

We are asking again that anyone who has used a credit card in our old online systems in the past year (NOT THE NEW STORE) to get your card replaced immediately. If you have done this already, there is no action required on your part.

We apologize for the inconvenience, we know this whole thing is a pain, but it is better to replace the cards than have to deal with any issues that may result from this theft of data. Even though the amount of fraud has greatly declined, we are still receiving a customer report every few days of someone else (who hasn’t replaced their cards) getting hit. We strongly encourage you to take this step immediately if you have not done so already. Again, this DOES NOT pertain to any cards that have been used in the new store.

What is the plan?

We are still working on all of the issues and are several weeks away from a final resolution. Our new store is currently offline while we complete the entries and audit the data from the renewals we received last week. Just to reiterate, this new store is a totally different piece of software, at a totally different hosting site. There are hundreds of other retailers using this same software as it is hosted by the software creators.

We hope to have the store online and registration system back online sometime next week. When the store comes back online, we will be adding products slowly so it will take some time to have everything back in the store.

Thank you for your patience and support during this trying issue.

Brian


So if they have all of our order information, they also have our names, ages, addresses, etc that was stored on their site.

Well, that's just peachy.

Hey, cancel your credit cards, never mind the identity theft potential. Disregard the man behind the curtain. :HEADHURTS:



I would think someone would need your social security number to do any real damage in identity theft. That’s how illegal immigrants get legit jobs.
Image

Check out my Customs:

Classics Pounce and Wingspan
classics-pounce-and-wingspan-t95811.php

Generations Twincast
generations-twincast-t94088.php

Collection photos will be updated soon at this link :
http://www.seibertron.com/energonpub/rated-x-s-collection-t55699.php
User avatar
Rated X
Guardian Of Seibertron
Posts: 5854
Joined: Mon Dec 08, 2008 6:25 pm
Location: Miami, Florida
Strength: 5
Intelligence: 8
Speed: 2
Endurance: 10
Rank: 7
Courage: 10+
Firepower: 10+
Skill: 8

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Stormrider » Tue Mar 27, 2012 8:06 pm

Weapon: Atom-Smasher Cannon
You are 100% right. A social security # is needed for most identity theft. But acquiring the SS# is not as difficult as most think. The numbers that make it up represent the year and region that you were born in. The remaining numbers can often be deduced.

It's not too difficult to figure out the place you were born, if I know your DOB and full name.

When my identity was stolen. Initially, the thieves opened several small accounts using my name and DOB. They did not use my SS#. (My theory is that they didn't have it at that time). Three months later, they figured it out and the flood gates were opened.


Ryan, or others that deal with website design - isn't mandatory for companies nowadays to properly store credit card numbers? Have some laws been broken on FunPub's part?
Last edited by Stormrider on Tue Mar 27, 2012 8:09 pm, edited 1 time in total.
Image
Stormrider
Matrix Keeper
Posts: 8608
News Credits: 37
Joined: Tue Mar 14, 2006 5:24 am
Location: USA

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Court Jester » Tue Mar 27, 2012 8:08 pm

=;
I thought it was going to be something about how they're going to make it up to their members.
Surprised to read them attempting to garner sympathy... again. The fans should come first.

We know their security failed; even they do. What do they expect from this press release, a pat on the shoulder? No, a trust has been broken. How about doing something small like calling up their artists and requesting an emergency 2-page comic based on the Run Bros - and sending the comic to its members via PDF? You know, something...

It's about the effort put into things (based on the hobby) that show you care more about your consumer base than to send out pointless emails that attempt to quell legal action. Report on the issue when the issue is resolved.

Until then, make me feel the membership is more than just a $60 toy and its $40 "freebie" companion - cuz right now, that's the reality.
Court Jester

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby GetRightRobot » Tue Mar 27, 2012 8:34 pm

Motto: "Surf in the Summer, Collect in the Winter."
Weapon: Neptune Sword
All well and good guys. Goodluck to you in the future. Personally, I will be shopping from scalpers. Less risk, more cost....and...I can live with that. :D
User avatar
GetRightRobot
Godmaster
Posts: 1702
News Credits: 16
Joined: Sat Jan 01, 2011 1:54 pm
Location: MB SC!!!
Watch GetRightRobot on YouTube
Buy from GetRightRobot on eBay
Strength: 5
Intelligence: 2
Speed: 9
Endurance: 7
Courage: Infinity
Firepower: 7
Skill: 7

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Seibertron » Tue Mar 27, 2012 11:24 pm

Motto: "Tell my tale to those who ask. Tell it truly; the ill deeds along with the good, and let me be judged accordingly. The rest ... is silence."
Weapon: Twin Shock-Concussion Missiles
Stormrider wrote:I am not happy for several reasons. How could their security fail and no one noticed it for several months? I still think they are still down playing the threat. The thieves may have had access to our addresses and DOB. They really should be telling people watch your credit reports like a hawk. Fraudulent charges on your credit card are easy to spot. Identity theft and new credit cards that get opened fraudulently in your name using your stolen DOB is not so easy to spot.


Just offering my opinion from someone who's got a lot of experience with this ...

Imagine SQL injections are similar to a computer virus of some sort ... you usually don't know if your computer has a virus, you usually don't know that someone is taking advantages of SQL injections until after something bad happens. In one scenario, someone finds a weakness in the site's code by manipulating the URL where variables are being passed (such as a transaction ID, a user ID, a store order ID, etc.). They are able to insert a malicious command into the code because the programmer didn't verify that the variable was an integer or didn't include various characters that shouldn't be passed to the query. I know how to prevent it in my code, but I might not be able to best explain in layman's terms.

Wikipedia has a great explanation / summary ...

(I've always said "see-kwell" for SQL, but it is often pronounced by it's letters S-Q-L)

An SQL injection is often used to attack the security of a website by inputting SQL statements in a web form to get a poorly designed website to perform operations on the database (often to dump the database content to the attacker) other than the usual operations as intended by the designer. SQL injection is a code injection technique that exploits a security vulnerability in a website's software. The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL commands are thus injected from the web form into the database of an application (like queries) to change the database content or dump the database information like credit card or passwords to the attacker. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.


Wikipedia's article can be found at http://en.wikipedia.org/wiki/Sql_injection
Image

Current Want List: Beast Wars Returns Strika, Sixknight (stickers or replacement), Browning, Dai Atlas, Guard City, Battle Gaia, Marlboro Wheeljack, and more!
User avatar
Seibertron
Site Owner
Posts: 23360
News Credits: 753
Joined: Mon Sep 24, 2001 5:17 pm
Location: Chicago
Watch Seibertron on YouTube
Buy from Seibertron on eBay
Strength: 10
Intelligence: 9
Speed: 7
Endurance: 9
Rank: 10+
Courage: 8
Firepower: 5
Skill: 10+

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby Seibertron » Wed Mar 28, 2012 1:27 am

Motto: "Tell my tale to those who ask. Tell it truly; the ill deeds along with the good, and let me be judged accordingly. The rest ... is silence."
Weapon: Twin Shock-Concussion Missiles
Stormrider wrote:Ryan, or others that deal with website design - isn't mandatory for companies nowadays to properly store credit card numbers?


Not at all. It's best practice for companies not to store credit card information such as the card number and CID, but there's nothing to mandate that. Just best practices. Kind of like it's best practice to look both ways before crossing the street but there isn't a law per se about it, not at least to my knowledge.
Image

Current Want List: Beast Wars Returns Strika, Sixknight (stickers or replacement), Browning, Dai Atlas, Guard City, Battle Gaia, Marlboro Wheeljack, and more!
User avatar
Seibertron
Site Owner
Posts: 23360
News Credits: 753
Joined: Mon Sep 24, 2001 5:17 pm
Location: Chicago
Watch Seibertron on YouTube
Buy from Seibertron on eBay
Strength: 10
Intelligence: 9
Speed: 7
Endurance: 9
Rank: 10+
Courage: 8
Firepower: 5
Skill: 10+

Re: TF Community Warning: Check your Credit and Debit Card accounts for recent fraudulent activity

Postby zodconvoy » Wed Mar 28, 2012 10:10 am

Motto: "Freedom is the right to KNEEL BEFORE ZOD!"
Seibertron wrote:
Stormrider wrote:Ryan, or others that deal with website design - isn't mandatory for companies nowadays to properly store credit card numbers?


Not at all. It's best practice for companies not to store credit card information such as the card number and CID, but there's nothing to mandate that. Just best practices. Kind of like it's best practice to look both ways before crossing the street but there isn't a law per se about it, not at least to my knowledge.


Looking both ways is not a law. The best way to tell is that every person hit by a car isn't counter sued for damage to the vehicle due to pedestrian negligence. Someone getting hit by a car also would not be covered by most insurance (auto or medical) until a legal determination of guilt has been given.

My grandfather and uncle were/are lawyers and it was explained to me this way: "if people aren't sued, ticketed, or arrested for it everyday, it's not against the law."

And my mom worked for Blue Cross (higher than midway up the corporate ladder) so common table talk was how insurance companies screw you and I know from experience that when you get hit by a car, you're covered! :lol:
Now for Sale!

HUGE MASTERPIECE CLEARANCE SALE!
NOW ON eBAY:

MP-10B BLACK CONVOY W/COIN!
TRU SOUNDWAVE LOOSE BUT COMPLETE!
FANS TOYS QUAKE WAVE!
PROWL & STREAK!
KO MP-10 CONVOY!
In the US and the cheapest on eBay!

Also:
Fansproject City Commander w/ Magnus & Reprolabels!
TFCC Dion w/ Coptor
Diablock Convoy

Visit My Store!
Image
User avatar
zodconvoy
City Commander
Posts: 3025
News Credits: 3
Joined: Fri Mar 02, 2007 12:47 am
Location: the Nemesis, PA
Buy from zodconvoy on eBay

PreviousNext

Return to Transformers General Discussion