Did FXPansion's e-mail get hacked? [FX: Server breach & sender spoofing. Details at end of thread] - Page 4 - Fxpansion.com


orange
Posts: 48
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Thu May 30, 2013 5:16 pm

purtington wrote:
orange wrote:
f0g wrote:I'm sure they locked away our details well enough.. .


evidently not !


The details that matter are safe.


Steve


How do you know ?

At this stage it seems that even FXP don't

Your licences ?
Your email address and password- which might be your PayPal one too
Your address and telephone number for identity thieves ?

Amazing lack of response from FXP. No changes to their servers so probably still wide open

Drew_fx
Posts: 3827
Joined: Fri Jul 21, 2006 5:32 pm
Location: London, UK

Postby Drew_fx » Thu May 30, 2013 5:21 pm

Guys,

We currently have found NO evidence of a hack on our side of the fence. I'm sorry if that sounds like a cop-out, but it is the truth. We are investigating the issue and are in contact with Dub Turbo and the various parties involved. Please be patient with us.

Lumix
Posts: 4
Joined: Tue May 18, 2010 9:09 pm

Postby Lumix » Thu May 30, 2013 5:35 pm

got the mail today with dubturbo.

http://i.imgur.com/Hf4peY4.png

purtington
Posts: 2954
Joined: Wed May 16, 2007 9:37 am
Location: Bristol UK

Postby purtington » Thu May 30, 2013 5:40 pm

How do you know ?

At this stage it seems that even FXP don't

Your licences ?
Your email address and password- which might be your PayPal one too
Your address and telephone number for identity thieves ?

Amazing lack of response from FXP. No changes to their servers so probably still wide open


Bank details aren't held by fxpansion and even if they had my paypal password (which isn't the same as my forum password)
they'd still need a whole lot of other details before they could do anything with it.

As for fx product licences what use would they be ?
Ok they could let people on crack sites have them in which case I imagine fx would block those and give us new ones.
Where would they get my address and phone number from ?
fx don't have those details AFAIK

Steve
https://soundcloud.com/steve-corr

GA-X58A-UD3R,
Intel i7 930, 2.8Ghz, Overclocked at 3.40Ghz
12GB Corsair DDR3 Ram
WD Caviar Black, 6Gb X 2
+ 500GB SSD drive for BFD Samples
focusrite scarlett 2i4
Windows 10 + windows 7 32bit

orange
Posts: 48
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Thu May 30, 2013 5:45 pm

purtington wrote:
How do you know ?

At this stage it seems that even FXP don't

Your licences ?
Your email address and password- which might be your PayPal one too
Your address and telephone number for identity thieves ?

Amazing lack of response from FXP. No changes to their servers so probably still wide open


Bank details aren't held by fxpansion and even if they had my paypal password (which isn't the same as my forum password)
they'd still need a whole lot of other details before they could do anything with it.

As for fx product passwords, what use would they be ? Ok they could let people on crack sites have them in which case I imagine fx would block those and give us new ones.
Where would they get my address and phone number from ? fx don't have those details AFAIK

Steve


With respect, your reply demonstrates a lack of understanding of the (possible ?) situation

FXP are certainly holding those details on my account. Don't know about yours.

If you want to post your email address and PayPal password here I think you'll find out pretty quickly what can happen

Platinum Samples
Posts: 4930
Joined: Fri Jun 16, 2006 5:43 pm
Location: Los Angeles, CA

Postby Platinum Samples » Thu May 30, 2013 6:05 pm

They wouldn't have your paypal password - that's stored locally on your own computer if anywhere

Rail

orange
Posts: 48
Joined: Tue Jan 04, 2005 12:23 pm

Postby orange » Thu May 30, 2013 6:36 pm

Platinum Samples wrote:They wouldn't have your paypal password - that's stored locally on your own computer if anywhere

Rail


Obviously !

The point I'm making is that many people reuse the same passwords. Is the password you use NOT used for ANY other login anywhere? And at this stage many FXP customers will be unaware of any problem. FXP haven't gone out of their way to let them know. Because they suspect their bulk mailer FFS. Use another, mail by hand. Suspend logins to the website until they know what is going on. Are they totally asleep.

Were the FXP passwords encrypted ?

Contrast this to the response of Sony, Evernote etc when they lost data.

purtington
Posts: 2954
Joined: Wed May 16, 2007 9:37 am
Location: Bristol UK

Postby purtington » Thu May 30, 2013 7:06 pm

orange wrote:
Platinum Samples wrote:They wouldn't have your paypal password - that's stored locally on your own computer if anywhere

Rail


Obviously !

The point I'm making is that many people reuse the same passwords. Is the password you use NOT used for ANY other login anywhere? And at this stage many FXP customers will be unaware of any problem. FXP haven't gone out of their way to let them know. Because they suspect their bulk mailer FFS. Use another, mail by hand. Suspend logins to the website until they know what is going on. Are they totally asleep.

Were the FXP passwords encrypted ?

Contrast this to the response of Sony, Evernote etc when they lost data.


I take your point orange, I personally am not overly concerned because I don't use the same password or indeed the same email address for my paypal account. I'm aware that some people do but not really much I can do about that.

Not sure how suspending our log ins would help ? And as for mailing by hand... come on... do you really think that's going to happen ?

I mentioned yesterday that fx should send out mail to those who don't frequent the forums and Skot has said they will
be doing that.

Steve

purtington
Posts: 2954
Joined: Wed May 16, 2007 9:37 am
Location: Bristol UK

Postby purtington » Thu May 30, 2013 7:11 pm

The other thing with my paypal account is that there is no money in it.
I mean whenever I buy using paypal I am redirected to my bank whereupon I have to put in another password
which will be a mixture of the 2nd, 5th, & 8th character, or whatever (it changes every time)

I may be wrong but I thought all paypal accounts worked like that, they don't actually have your money but they have
access to it via your bank. I'm logged in to my paypal account and my balance is, £0.00 so I'm guessing any
hacker would also need my bank's password.

Steve

emef
Posts: 46
Joined: Sat Sep 23, 2006 6:00 pm
Location: blackpool, england

Postby emef » Thu May 30, 2013 8:05 pm

just had another email from dubturbo on the fxpansion address

pokitbot
Posts: 2
Joined: Sat Nov 03, 2012 8:57 am

Postby pokitbot » Thu May 30, 2013 11:27 pm

However they got the information it must have been more recent than "a few years ago" as fxpansion did not have my details then.

richardworm
Posts: 2
Joined: Fri Nov 25, 2011 11:00 pm

Postby richardworm » Fri May 31, 2013 3:00 am

I just got this email just now so these cheeseburgers are still hijacking the Fxpansion name.

SKoT_FX
Promulgator of Beats
Posts: 2418
Joined: Tue Sep 21, 2004 9:51 am
Location: FX Australia, Perth

Postby SKoT_FX » Fri May 31, 2013 4:51 am

* "A few years ago" was the last time we saw an unauthorized access to one of our servers (not an important one), and to the best of our knowledge at the time, nothing happened. We are of course revisiting that incident to check.
* We have been gathering information to pin down the date at which the email address list was obtained in whatever way.
* I repeat: we store NO financial details. We don't even get them. Unlike Sony.
* At this stage there is no information to suggest anything except email addresses have been compromised, and we're still trying to determine how many.
* Spoofing an email to make it look like it comes from a different address is incredibly easy. There are websites everywhere that will do it for you.
* I had a pretty "frank" talk with NCMedia and the "Affiliate Marketing Solution" provider ClickBank last night, and they are cooperating with our enquiries to find the supposed "rogue affiliate". We remain open to all possibilities, and won't be taking anything at face value.
* Please excuse the pace of informational updates - we are pretty busy checking everything is locked down, and performing interrogations.
SKoT McDonald
CTO FXpansion

Spectralis
Posts: 6
Joined: Fri Sep 22, 2006 6:58 pm

Postby Spectralis » Fri May 31, 2013 5:30 am

I've just received another email from those scammers. There is no doubt that they are using FXpansion's client email list to spam us. I find it unbelievable that these scammers are still at it and have got this list. They MUST have breached FXpansion's security to get the list. Not 3 years ago but recently. Either FXpansion is not investigating this incident thoroughly enough or they are holding information back from us.

Whether they have got financial details or not isn't the main issue. The fact that they have our email addresses is bad enough! It shows that FXpansion's security is not effective and needs to be fixed asap. I will only feel confident about this company again once I receive an explanation about how this happened and what has been put in place to make sure it never happens again.

SKoT_FX
Promulgator of Beats
Posts: 2418
Joined: Tue Sep 21, 2004 9:51 am
Location: FX Australia, Perth

Postby SKoT_FX » Fri May 31, 2013 7:45 am

I'm being completely frank and open, Spectralis, and reporting developments as we find them.

There are all manner of methods for harvesting email addresses without actually breaking into our servers. Email is a notoriously insecure way to communicate. As I said just above your post, at the moment we have no evidence of a break-in, but will continue to pursue that as an important line of enquiry until we have resolved this.

We have pretty much half the company on this at the moment (everyone who has the relevant technical skills).

We are still eager to gather whatever evidence arises - so if another bout of email has gone out, can you please send it to me - skot AT fxpansion.com - INCLUDING all the send/receive headers (don't just fwd the email - this vital information will be stripped). This will help us pin down the rat bag. They are stripping all fxpansion staff from the list, so we don't get them directly.
SKoT McDonald

CTO FXpansion
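
Why the full send/receive headers requested above matter, shown as an added example that is not part of the forum thread or FXpansion's own tooling: it compares the visible From address with the envelope sender and the relay recorded in the Received chain, and shows that a plain forward loses that evidence. All domains, addresses and IPs are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a spoofed bulk mail saved with full headers ("view source").
RAW = """\
Return-Path: <bounce@bulk-mailer.example>
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby mailstore.recipient.example with ESMTP id A1; Thu, 30 May 2013 17:02:11 +0000
Received: from out7.bulk-mailer.example (out7.bulk-mailer.example [203.0.113.77])
\tby mx.recipient.example with ESMTP id B2; Thu, 30 May 2013 17:02:09 +0000
Authentication-Results: mx.recipient.example;
\tspf=pass smtp.mailfrom=bulk-mailer.example;
\tdkim=none
From: "Vendor News" <news@vendor.example>
To: customer@recipient.example
Subject: Special offer

Body text.
"""

# Constructed: the same mail after a plain "forward"; the original headers are gone.
FORWARDED = ("From: customer@recipient.example\nTo: staff@vendor.example\n"
             "Subject: Fwd: Special offer\n\nBody text.\n")

def domain(addr):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def analyse(raw):
    msg = message_from_string(raw)
    hops = msg.get_all("Received", [])  # newest hop first, earliest hop last
    # In RAW the earliest hop was written by the recipient's own MX, so the peer
    # IP it recorded is reliable; hops added by the sender itself can be forged.
    m = re.search(r"from\s+(\S+)\s+\(.*?\[([0-9a-fA-F.:]+)\]", hops[-1], re.S) if hops else None
    auth = " ".join(msg.get_all("Authentication-Results", []))
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    from_dom, env_dom = domain(msg["From"]), domain(msg["Return-Path"])
    findings = []
    if not hops:
        findings.append("no Received chain: original headers were stripped")
    if env_dom and env_dom != from_dom:
        findings.append(f"envelope sender {env_dom} differs from visible From {from_dom}")
    if hops and results.get("dkim") != "pass":
        findings.append("no passing DKIM result recorded by the receiving server")
    return {"from": from_dom, "envelope": env_dom, "auth": results, "findings": findings,
            "origin_host": m.group(1) if m else None, "origin_ip": m.group(2) if m else None}

if __name__ == "__main__":
    for name, raw in (("full headers", RAW), ("forwarded", FORWARDED)):
        print(name, analyse(raw))
```
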

