Did FXPansion's e-mail get hacked? [FX: Server breach & sender spoofing. Details at end of thread] - Page 3 - Fxpansion.com

Forum

FXpansion Forum

Did FXPansion's e-mail get hacked? [FX: Server breach & sender spoofing. Details at end of thread]

General FX news, discussion, and a place to speak your mind

Moderators: Drew_BFDTeam, Andreas_FX, Rory_FX, Rhi_FX, Paul_fx, clare_fx, SKoT_FX, Steve_FX, john emrich, Mully_FX, mayur_FX, Angus_FX, Moderators

dflt
Posts: 1
Joined: Wed Sep 27, 2006 3:00 pm

Postby dflt » Thu May 30, 2013 5:28 am

rictheobscene wrote:I just got another e-mail from the Dub Turbo assclowns.


me too...

twisted-space
Posts: 5
Joined: Wed Apr 15, 2009 10:25 am

Postby twisted-space » Thu May 30, 2013 12:47 pm

purtington wrote:Can either of you forward it to support@dubturbo.com and explain how it got to you ?


Done

User avatar
SKoT_FX
Promulgator of Beats
Posts: 2419
Joined: Tue Sep 21, 2004 9:51 am
Location: FX Australia, Perth
Contact:

Postby SKoT_FX » Thu May 30, 2013 12:52 pm

We sent a "Please Explain... and quickly before we start turning the voltage up on the nipple clamps" email to DT (strangely, we have a form email for this...).

DubTurbo are providing us with info on the "rogue affiliate", and apparently doing all they can to shut him down, and want to open direct communications to help resolve this.

We are still hunting leads to see what the source of the email address list was; web admin team scanning webserver history.

Thanks for bearing with us.
SKoT McDonald
CTO FXpansion]

User avatar
rictheobscene
Posts: 14
Joined: Thu May 05, 2005 2:12 pm
Location: Right between the cutoff and resonance knobs
Contact:

Postby rictheobscene » Thu May 30, 2013 1:17 pm

Thanks SKoT

As you pointed out, our financial information doesn't reside in your servers; it resides in the PayPal / HSBC's servers. So, even in the worst case scenario, we will simply get annoying e-mails.

In fact, it's been many years since I made a purchase from you guys, so I doubt the card I used back then is still active. Of course, once I finally make a decision to move to a post-XP OS, my purchase record will get some new entries.

f0g
Posts: 7
Joined: Tue Jul 27, 2010 9:42 am

Postby f0g » Thu May 30, 2013 2:19 pm

SKoT_FX wrote:We sent a "Please Explain... and quickly before we start turning the voltage up on the nipple clamps" email to DT (strangely, we have a form email for this...).

DubTurbo are providing us with info on the "rogue affiliate", and apparently doing all they can to shut him down, and want to open direct communications to help resolve this.

We are still hunting leads to see what the source of the email address list was; web admin team scanning webserver history.

Thanks for bearing with us.


if the servers and info is based in the UK, then involve the police.. it comes under data protection.. IF you can prove the IP etc.

in short f'em up... I didn't give permission for my info to be given out. I get enough crappy spam on music forums I go on.. without them invading my mailbox also.. e.g. cakewalk has the kitchen gangster currently flooding it.

orange
Posts: 59
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Thu May 30, 2013 2:34 pm

unfortunately - if fxpansion have been hacked it's quite probable that they are the ones in breach of the Data Protection Act.

depending on the severity of the breach the ICO can:

"issue monetary penalty notices, requiring organisations to pay up to £500,000 for serious breaches of the Data Protection Act occurring on or after 6 April 2010, or serious breaches of the Privacy and Electronic Communications Regulations occurring on or after 26 May 2011"

f0g
Posts: 7
Joined: Tue Jul 27, 2010 9:42 am

Postby f0g » Thu May 30, 2013 3:53 pm

to a point.. I'm sure they locked away our details well enough.. but obviously it could have been done better.

I looked at the header where the email I got originates.. and it's from the US.. more than likely they didn't bounce it around the globe a few times, to hide the true identity.. normally if it's properly faked , you see some far far away land in the middle of nowhere.

orange
Posts: 59
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Thu May 30, 2013 4:25 pm

f0g wrote:I'm sure they locked away our details well enough.. .


evidently not !

orange
Posts: 59
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Thu May 30, 2013 5:16 pm

purtington wrote:
orange wrote:
f0g wrote:I'm sure they locked away our details well enough.. .


evidently not !


The details that matter are safe.


Steve


How do you know ?

At this stage it seems that even FXP don't

Your licences ?
Your email address and password- which might be your PayPal one too
Your address and telephone number for identity thieves ?

Amazing lack of response from FXP. No changes to their servers so probably still wide open

Drew_BFDTeam
Posts: 3883
Joined: Fri Jul 21, 2006 5:32 pm
Location: London, UK

Postby Drew_BFDTeam » Thu May 30, 2013 5:21 pm

Guys,

We currently have found NO evidence of a hack on our side of the fence. I'm sorry if that sounds like a cop-out, but it is the truth. We are investigating the issue and are in contact with Dub Turbo and the various parties involved. Please be patient with us.

User avatar
Lumix
Posts: 4
Joined: Tue May 18, 2010 9:09 pm

Postby Lumix » Thu May 30, 2013 5:35 pm

got the mail today with dubturbo.

http://i.imgur.com/Hf4peY4.png

orange
Posts: 59
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Thu May 30, 2013 5:45 pm

purtington wrote:
How do you know ?

At this stage it seems that even FXP don't

Your licences ?
Your email address and password- which might be your PayPal one too
Your address and telephone number for identity thieves ?

Amazing lack of response from FXP. No changes to their servers so probably still wide open


Bank details aren't held by fxpansion and even if they had my paypal password (which isn't the same as my forum password)
they'd still need a whole lot of other details before they could do anything with it.

As for fx product passwords, what use would they be ? Ok they could let people on crack sites have them in which case I imagine fx would block those and give us new ones.
Where would they get my address and phone number from ? fx don't have those details AFIK

Steve


With respect, your reply demonstrates a lack of understanding of the (possible ?) situation

FXP are certainly holding those details on my account. Don't know about yours.

If you want to post your email address and PayPal password here I think you'll find out pretty quickly what can happen

Platinum Samples
Posts: 4926
Joined: Fri Jun 16, 2006 5:43 pm
Location: Los Angeles, CA
Contact:

Postby Platinum Samples » Thu May 30, 2013 6:05 pm

They wouldn't have your paypal password - that's stored locally on your own computer if anywhere

Rail
Image

orange
Posts: 59
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Thu May 30, 2013 6:36 pm

Platinum Samples wrote:They wouldn't have your paypal password - that's stored locally on your own computer if anywhere

Rail


Obviously !

The point I'm making is that many people reuse the same passwords. Is the password you use NOT used for ANY other login anywhere? And at this stage many FXP customers will be unaware of any problem. FXP haven't gone out of their way to let them know. Because they suspect their bulk mailer FFS. Use another, mail by hand. Suspend logins to the website until they know what is going on. Are they totally asleep.

We're the FXP passwords encrypted ?

Contrast this to the response of Sony, Evernote etc when they lost data.

emef
Posts: 46
Joined: Sat Sep 23, 2006 6:00 pm
Location: blackpool, england
Contact:

Postby emef » Thu May 30, 2013 8:05 pm

just had another email from dubturbo on the fxpansion address


Return to “General Discussion”

Who is online

Users browsing this forum: No registered users and 46 guests