Did FXPansion's e-mail get hacked? [FX: Server breach & sender spoofing. Details at end of thread] - Page 2 - Fxpansion.com

Forum

FXpansion Forum

Did FXPansion's e-mail get hacked? [FX: Server breach & sender spoofing. Details at end of thread]

General FX news, discussion, and a place to speak your mind

Moderators: Drew_BFDTeam, Andreas_FX, Rory_FX, Rhi_FX, Paul_fx, clare_fx, SKoT_FX, Steve_FX, john emrich, Mully_FX, mayur_FX, Angus_FX, Moderators

Platinum Samples
Posts: 4926
Joined: Fri Jun 16, 2006 5:43 pm
Location: Los Angeles, CA
Contact:

Postby Platinum Samples » Tue May 28, 2013 11:32 pm

It's after midnight in London... Most websites do not save your financial information (CC numbers, etc).

Rail
Image

Spectralis
Posts: 6
Joined: Fri Sep 22, 2006 6:58 pm

Postby Spectralis » Tue May 28, 2013 11:42 pm

Platinum Samples wrote:It's after midnight in London... Most websites do not save your financial information (CC numbers, etc).

Rail


I know that but isn't there a system in place to warn FXpansions if their site has been hacked? If someone breaks into a shop the alarms go off and it's dealt with urgently. I'd like an official response about what details are held by the site, if any, and whether any of this info has been compromised. Leaving this situation unresolved until the morning is not a responsible way to deal with stolen personal information if that is the case.

pokitbot
Posts: 2
Joined: Sat Nov 03, 2012 8:57 am

Postby pokitbot » Wed May 29, 2013 1:06 am

Based on this forum and others, the scammers have the fxpansion contact/user list, so I too am interested to know what other personal/financial information they got? And quickly.

PS Tried reset password feature and that email has not arrived.

User avatar
Lumix
Posts: 4
Joined: Tue May 18, 2010 9:09 pm

Postby Lumix » Wed May 29, 2013 1:54 am

i havnt recieved any mail with that. not even in the junk mail filter. really strange.

f0g
Posts: 7
Joined: Tue Jul 27, 2010 9:42 am

Postby f0g » Wed May 29, 2013 1:56 am

not sure if this helps pinpoint when it happened

but only in the past few days (maybe under a week a week) I've changed my email address in my account.. so wherever they got my info from.. it's been done very recently.

maybe it's a flaw in this forum software ? as that also uses the same email..

*BUT* I am not impressed if a 3rd party has my address details and perhaps registration details also.

I don't trust companies with any of my card details after some little person from "git" (replace with a far ruder word) tried to buy £120 of games off steam using my money. thankfully it was stopped and they got sod all.

Spectralis
Posts: 6
Joined: Fri Sep 22, 2006 6:58 pm

Postby Spectralis » Wed May 29, 2013 4:32 am

pokitbot wrote:Based on this forum and others, the scammers have the fxpansion contact/user list, so I too am interested to know what other personal/financial information they got? And quickly.

PS Tried reset password feature and that email has not arrived.


I've not changed my password in case these scammers (still?) have access to the website. They'll just update this info with the new password. This happened nearly six hours ago and no update from FXpansions.

Spectralis
Posts: 6
Joined: Fri Sep 22, 2006 6:58 pm

Postby Spectralis » Wed May 29, 2013 4:38 am

f0g wrote:not sure if this helps pinpoint when it happened

but only in the past few days (maybe under a week a week) I've changed my email address in my account.. so wherever they got my info from.. it's been done very recently.

maybe it's a flaw in this forum software ? as that also uses the same email..

*BUT* I am not impressed if a 3rd party has my address details and perhaps registration details also.

I don't trust companies with any of my card details after some little person from "git" (replace with a far ruder word) tried to buy £120 of games off steam using my money. thankfully it was stopped and they got sod all.


If they've hacked our emails from FXpansions website then they'll probably have our personal details too. Not sure about financial details though as this might be handled by a bank. I'm just trying to remember how I paid for stuff I bought from this site. I think I did have to input card details but this may have been after being redirected to another website. Who knows? That's why I really wish FXpansion would update us about the situation asap please!

Basjoe
Posts: 23
Joined: Sun Jan 08, 2012 5:47 pm

Postby Basjoe » Wed May 29, 2013 5:03 am

I got spammed too, same scam.

Basjoe

User avatar
SKoT_FX
Promulgator of Beats
Posts: 2419
Joined: Tue Sep 21, 2004 9:51 am
Location: FX Australia, Perth
Contact:

Postby SKoT_FX » Wed May 29, 2013 10:58 am

Hi all,

To the best of our current knowledge, only email addresses have been sniffed somehow - possibly during a newsletter mailout a few years back. Thus, your other personal details should be safe.

In particular, and most importantly, your credit card details are as safe as a global bank like HSBC or Paypal can make them. We don't process that info on our own systems.

We do apologise for the annoyance and spam, but at this stage we think that is all it is.

Our investigations will continue however, and our Big Stick will be especially sharpened, as we certainly don't further spam appearing to originate from us.

- SKoT
SKoT McDonald
CTO FXpansion]

User avatar
SKoT_FX
Promulgator of Beats
Posts: 2419
Joined: Tue Sep 21, 2004 9:51 am
Location: FX Australia, Perth
Contact:

Postby SKoT_FX » Wed May 29, 2013 1:35 pm

Yes, we will be emailing out.... we're just trying to rule out our bulk-email sending service as a source! ;)

Thanks for you suggestions & patience...
SKoT McDonald

CTO FXpansion]

orange
Posts: 59
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Wed May 29, 2013 3:24 pm

SKoT_FX wrote:Hi all,

To the best of our current knowledge, only email addresses have been sniffed somehow - possibly during a newsletter mailout a few years back. Thus, your other personal details should be safe.


I see that people on the cakewalk forum have recently changed their contact details and received the spam - so "a few years" back doesn't seem likely

it's fairly obviously a hack

what have you done to secure your web/database servers since. I see that everything is still online as normal. I assume you have a plan for this. How safe is our data ?

Kickflip
Posts: 798
Joined: Sat Dec 30, 2006 1:24 pm

Postby Kickflip » Wed May 29, 2013 11:35 pm

I don't know what's going on with these people, but there's some hella spamming going on. They posted the following comment on one of my circuit bent videos:

http://youtu.be/OCHpE5U6nLc

"Erika Yulita 2 weeks ago
Guys, make your own beats doesn't need to be hard (I used to feel it did). I'll give you some advice right now. Search a beat making software called Kinoteron Beat Turbo (google it). I probably should not even be mentioning it because I don't want a bunch of other folks out there running the same "game" but whatever, I am just in a great mood today so I will share the wealth haha."

Googling the software brings up a bunch of review pages (probably placed there by whoever these people are) and one page about the actual Kinoteron software. Clicking the links on that page takes you to the Dub Turbo site.

Even weirder, the Kinoteron page has this image to back up its credibility:


Image

I don't know about you guys, but I always get the best music tech tips from Christian Science Monitor, Working Mother, Divorce Magazine and Minnesota Lawyer.
Hackintosh Q6600 : 4Gb DDR2 : OSX Leopard 10.5.8 : Logic 9.1.5 : Mackie Onyx Satellite : UAD1 x 2 : Akai MPD32

Music
http://www.soundcloud.com/kickflip

Circuit Bent Madness
http://www.bogus-noise.co.uk

Science
Posts: 14
Joined: Sun Oct 24, 2010 10:35 pm

A little bit nervous.....

Postby Science » Wed May 29, 2013 11:50 pm

When a message like this ends up in your gmail under your "online purchases" tab it's a bit worrying - dubturbo dot com has been shut down by the looks of it - running my ESET scan Malwarebytes and windows defender right now... although the most worrying thing is that I opened the message on my phone first!

Science
Posts: 14
Joined: Sun Oct 24, 2010 10:35 pm

Postby Science » Thu May 30, 2013 12:04 am

Hmm I got a weird notice saying something about malicious content... now I'm even more worried! - maybe it was google or my antivirus stopping access.. should have screen grabbed it...

User avatar
rictheobscene
Posts: 14
Joined: Thu May 05, 2005 2:12 pm
Location: Right between the cutoff and resonance knobs
Contact:

Postby rictheobscene » Thu May 30, 2013 12:38 am

I just got another e-mail from the Dub Turbo assclowns.


Return to “General Discussion”

Who is online

Users browsing this forum: No registered users and 70 guests