Alpha Video Training
Page 3 of 5 FirstFirst 12345 LastLast
Results 61 to 90 of 121

Thread: Credit card info stolen...

  1. #61
    Member
    Real Name
    Clive Swanepoel
    Join Date
    Apr 2006
    Location
    Johnston, Iowa
    Posts
    119

    Default Re: Anyone else get this message

    Quote Originally Posted by gmeredith17 View Post
    It's unfortunate timing for Alpha with V10 having just been released but I'd be interested to know who the service provider is that has been breached.
    The service provider was NOT ZebraHost. We have had a few customers asking if it was us. It was not. Nevertheless it could happen to any system. Banks get robbed, safes get opened, sites get hacked...

    Regretably criminal minds are always at work probing and testing systems. If only they applied those smarts to conducting legit enterprises.
    Affordable Alpha Five, PHP, MySQL Hosting.
    Serving Webmasters since 2000.ZebraHost

  2. #62
    Volunteer Moderator Steve Wood's Avatar
    Real Name
    Steve Wood
    Join Date
    Nov 2003
    Location
    Bay Area, California
    Posts
    8,842

    Default Re: Anyone else get this message

    I agree with Ira and the breach could not have been responsible for losing control of your PayPal account. The only way that would happen is if you purposely gave your password to someone at Alpha, and they manually typed it in and included it in the stolen information. The way PayPal works, there would never ever be a reason to give anyone your password. PayPal does NOT provide that information back to the vendor. However, if you use the SAME password for PayPal as you did for your Alpha account (and assuming that pwd was included in the information), then you might have a problem.

    Side note - client called me and asked what they could do to increase security on the Alpha app I wrote for them. They said they all used their corporate network logins and passwords for the Alpha application, and 'how can I ensure their information is safe'. I said "Don't use the same credentials - it's your problem if you use your ultra-super-valuable login credentials on any 2nd system and that system gets compromised".

    Also, I've seen what people use for passwords, silly to say the least. Their name spelled backwards, the number 12345, five x's, the website name, my name, and worst of all, the same password they use for their bank. Brute force hackers can crack all but the last one unless it is simple also.

    Alpha is hosted on Rackspace, a top notch outfit.
    Steve Wood
    Join the ALPHA DEVELOPERS NETWORK
    There is no Cloud. It's just someone else's computer.
    Web - Mobile - Hosting - Products - Frameworks - Developer Resources
    AlphaToGo | IADN (100% Alpha Anywhere Websites)

  3. #63
    Member
    Real Name
    Clive Swanepoel
    Join Date
    Apr 2006
    Location
    Johnston, Iowa
    Posts
    119

    Default Re: Credit Card Info Stolen

    Quote Originally Posted by CraigSchumacker View Post
    Folks:

    I also had a charge to Golfsmith. The third was "Internet Names For Business" or something similar.

    Craig
    I had a $25 charge from Golfsmith on 11/10. I called them and was told to submit a claim to my cc company. I managed to get them to tell me what was purchased - A gift certificate that was sent to a yahoo email account. They would not give me the yahoo email address. I cancelled my card with the cc company.
    Affordable Alpha Five, PHP, MySQL Hosting.
    Serving Webmasters since 2000.ZebraHost

  4. #64
    Member
    Real Name
    Lou Milone
    Join Date
    Feb 2009
    Location
    SE PA
    Posts
    20

    Default Re: Anyone else get this message

    Thanks for the thoughtful comments from Steve and Ira and others. It seems like too much of a coincidence for it not to be related some how. Steve's comments about passwords are salient, and might be on to something. :) I've made some adjustments.

  5. #65
    "Certified" Alphaholic mmaisterrena's Avatar
    Real Name
    Mauricio Maisterrena
    Join Date
    Nov 2006
    Location
    Torreon, Mexico
    Posts
    1,435

    Default Re: Anyone else get this message

    Some people tend to use the same user name and password for everything if you are one of those be cautios and change your passwords
    Cheers
    Mauricio


  6. #66
    "Certified" Alphaholic mmaisterrena's Avatar
    Real Name
    Mauricio Maisterrena
    Join Date
    Nov 2006
    Location
    Torreon, Mexico
    Posts
    1,435

    Default Re: Credit Card Info Stolen

    was this the yahoo email?
    jeff_schneidr@yahoo.co.uk
    Cheers
    Mauricio


  7. #67
    "Certified" Alphaholic mmaisterrena's Avatar
    Real Name
    Mauricio Maisterrena
    Join Date
    Nov 2006
    Location
    Torreon, Mexico
    Posts
    1,435

    Default Re: Credit Card Info Stolen

    I recived this mail yestarday and found it somehow suspicious



    from Jeff Schneider <jeff_schneidr@yahoo.co.uk>
    reply-to Jeff Schneider <jeff_schneidr@yahoo.co.uk>
    to contact@fuegosoftware.com
    date Tue, Nov 10, 2009 at 3:02 PM
    subject Screenshots
    mailed-by bounce.secureserver.net
    hide details 3:02 PM (10 hours ago)

    your screenshots are shite
    I hope that he really thinks that my screenshots are shite and is not somebody trying to hack my accounts
    Cheers
    Mauricio


  8. #68
    "Certified" Alphaholic mmaisterrena's Avatar
    Real Name
    Mauricio Maisterrena
    Join Date
    Nov 2006
    Location
    Torreon, Mexico
    Posts
    1,435

    Default Re: Credit Card Info Stolen

    Oh I see! he is on the board too, he might have gotten pissed off with my respones to http://msgboard.alphasoftware.com/al...ad.php?t=82839
    Not very politacaly correct to say that on the desktop board (or maybe he just really thinks that the screenshots are "shite" :D)

    Anyways sorry for that I dont want to start a witch hunt of any kind

    I now feel relived though
    Cheers
    Mauricio


  9. #69
    Member
    Real Name
    Geoff Meredith
    Join Date
    Aug 2006
    Posts
    637

    Default Re: Credit Card Info Stolen

    Mauricio,

    After reading your post I checked your website and some of the screen shots are a little blurred but it seems a little harsh to be described as shite. On a positive note your product looks good and hope its selling well.

    Cheers

    Geoff

  10. #70
    Member
    Real Name
    Clive Swanepoel
    Join Date
    Apr 2006
    Location
    Johnston, Iowa
    Posts
    119

    Default Re: Credit Card Info Stolen

    Quote Originally Posted by mmaisterrena View Post
    was this the yahoo email?
    jeff_schneidr@yahoo.co.uk
    Golfsmith would not divulge the email address. All they were prepared to say was that it was a yahoo email account to which they sent the gift certificate.

    In any case my bank has already refunded my account. Thanks to Alpha's quick notification I have incurred no loss.
    Affordable Alpha Five, PHP, MySQL Hosting.
    Serving Webmasters since 2000.ZebraHost

  11. #71
    Member FrankR's Avatar
    Real Name
    Frank R
    Join Date
    Mar 2006
    Posts
    210

    Default Re: Credit Card Info Stolen

    Quote Originally Posted by mmaisterrena View Post
    Not very politacaly correct to say that on the desktop board (or maybe he just really thinks that the screenshots are "shite" :D)
    Your calendar looks Great.
    Frank R

  12. #72
    Member
    Real Name
    Rob
    Join Date
    Apr 2008
    Posts
    126

    Default Re: Anyone else get this message

    People pick silly passwords because the password system is silly. You need a database system to track the 50 or more passwords required to be even moderately connected. Pins for credit cards, bank accounts, emails, forums, software, almost any company you want to interact with and it goes on and on ...

    You need passwords to do things which should not require a password. You need to log on to this forum to see a jpeg image. I once had to provide a PIN to DEPOSIT CASH into my bank account.

    I think that in the future we will need to carry a physical device which will identify us. We will only need one password or biometric scan to use the device.

  13. #73
    Member
    Real Name
    Steven McLean
    Join Date
    Feb 2009
    Location
    Brampton, ON
    Posts
    260

    Default Re: Anyone else get this message

    Rob, "1984". This device will most likely also be a GPS. Big brother would not only know where you are, but what you are doing also.
    _______________________________
    Steven McLean
    i3 Home Inspections
    Steven@myi3.com

  14. #74
    Member
    Real Name
    Scott Lines
    Join Date
    Aug 2007
    Posts
    129

    Default Re: Credit Card Info Stolen

    Could someone forward me a copy of the email from Alpha? I can't recall getting it, but I may have gotten it and deleted it.

    Thanks,
    Scott

    slines @ adelphia.net

  15. #75
    "Certified" Alphaholic mmaisterrena's Avatar
    Real Name
    Mauricio Maisterrena
    Join Date
    Nov 2006
    Location
    Torreon, Mexico
    Posts
    1,435

    Default Re: Credit Card Info Stolen

    Your calendar looks Great.
    Thank you Frank and Geoff
    Cheers
    Mauricio


  16. #76
    Member
    Real Name
    Ross
    Join Date
    Sep 2009
    Posts
    16

    Default Re: Anyone else get this message

    Quote Originally Posted by aRob View Post
    People pick silly passwords because the password system is silly. You need a database system to track the 50 or more passwords required to be even moderately connected.
    Roboform is one. How secure it is I haven't a clue but any thoughts on that program or others would be appreciated.

  17. #77
    Member
    Real Name
    Craig Schumacker
    Join Date
    May 2000
    Posts
    690

    Default Re: Credit Card Info Stolen

    Greetings:

    There is a parallel thread to this running under the announcements section.

    A gentleman over there has stated his PayPal was compromised. He and I are of the opinion this is a related incident.

    As your Paypal account is your email address, and the hacker has this, please consider the fact that if you used the same password on Alpha's site as you do for PayPal, you have an open door to a secondary wave of attacks.

    Please consider that it would be possible to have two or more accounts at Alpha's Store. You may have other info exposed if the data is paired.

    Please think carefully about where else you use your passwords.

    On a side note, Windows servers are great. I have several. But they require regular and routine updates, and you MUST run virus software on them.

    If I were Alpha Software, I'd be looking elsewhere for hosting the site. Their present hosting company isn't up to the task.

    Craig

    Ut, just got an email from an associate. He was also compromised, and isn't too happy with Alpha Software right now.

    Craig

  18. #78
    Member
    Real Name
    Rob
    Join Date
    Apr 2008
    Posts
    126

    Default Re: Anyone else get this message

    Steven,
    Big Brother already knows where you are. Your position can be determined within a few meters from your cell phone or Blackberry signal. GPS in your car may be giving away your position. Credit card and bank transactions leave a trail. Connecting to the internet gives away your position and sends out a steady stream of data which can be 'analyzed'.
    Not just Big Brother knows about you but a lot of Little Brothers know more than they should.

  19. #79
    VAR csda1's Avatar
    Real Name
    Ira J Perlow
    Join Date
    Apr 2000
    Location
    Boston, Massachusetts, USA
    Posts
    3,530

    Default Re: Credit Card Info Stolen

    Anyone who is posting to this thread and the other one. Please stay on the topic, and don't post other stuff/requests here.

    Quote Originally Posted by CraigSchumacker View Post
    A gentleman over there has stated his PayPal was compromised. He and I are of the opinion this is a related incident.

    As your Paypal account is your email address, and the hacker has this, please consider the fact that if you used the same password on Alpha's site as you do for PayPal, you have an open door to a secondary wave of attacks.
    This is true, if and only if you used the same email and password. If the password was even slightly different, a hacker would probably be shut down before he found a successful variation of the password. One way of using the same password for all sites and yet be different is to incorporate part of the site's name into the password at a consistent position, e.g. beginning, end, or some fixed position in the middle. E.g for PayPal, Ebay, Mastercard
    12345PP6789
    12345EB6789
    12345MC6789
    By choosing a position known only to you, and an abbreviation method (could be last 2 letters of name, 1st 2 letters, 2 letter Initials as one choice. Maybe 3 letters, etc.) you will have a method that is specific to the site, yet different for all. It would take several of your passwords to determine the pattern, an unlikely scenario.

    Many of the people choose a name as part of the main text of the password. On sites that don't monitor multiple attempts at access, hackers just run through a dictionary of names and values in the hope of cracking your password. It works surprisingly well.

    You can make it harder by picking an odd name or initials or value that has nothing to do with you, e.g. a childhood friend's phone number with his initials or lastname with some or all of the 1st name. It should never be something someone could easily research. It should also be easy enough for you to remember, because the moment you write it down, it has the ability to be taken.

    Just consider how easy it is to break into a system at work by turning over some keyboards and reading the attached slip of paper, or look at the post-it note on the side of the computer. If you must write it down, place it in a list of similar items, like using a list of phone numbers and placing it somewhere in it.

    Quote Originally Posted by CraigSchumacker View Post
    If I were Alpha Software, I'd be looking elsewhere for hosting the site. Their present hosting company isn't up to the task.
    Without knowing the methodology used to get into the site, that is a strong statement that I'd disagree with. Maybe it was an Alpha employee's machine had a virus with the access to the server keys (ftp program). Maybe it was the server company. Maybe it was new security hole in a Windows server (Nahhhh. Microsoft products never have any holes :D ). You can't blame 1 or more companies without knowing the source and method. Maybe it was the store application that had the whole in it. Maybe it's a hole in PHP. The list goes on.
    Regards,

    Ira J. Perlow
    Computer Systems Design


    CSDA A5 Products
    New - Free CSDA DiagInfo - v1.39, 30 Apr 2013
    CSDA Barcode Functions

    CSDA Code Utility
    CSDA Screen Capture



  20. #80
    "Certified" Alphaholic
    Real Name
    Jeff Kletrovets
    Join Date
    Oct 2005
    Location
    Columbus, OH
    Posts
    1,135

    Default Re: Anyone else get this message

    Ross,

    I am not sure how secure it is to some techno-freak person trying to break into it but I think it is pretty good.

    This is from their FAQ.

    Q: If somebody steals my RoboForm Passcard files, can they get into my accounts?
    A: If you password-protect all sensitive Passcards and Identities and then it will be very difficult. Specifically, all password-protected Passcards and Identities are stored in files that are encrypted by your Master Password using AES, BlowFish or 3DES. So a person who stole your computer or password files, will have to break these encryption algorithms in order to get your passwords from Passcards.
    As long as you observe these rules, it should be very hard to use the stolen info:
    * Password-protect all sensitive Passcards and Identities. Anyone can see and use Passcard or Identity that is not password-protected.
    * Make your Master Password long enough and un-obvious enough, so that it cannot be defeated by a simple dictionary attack. Do not use any words or names from any widely used languages, make your Master Password at least 10 characters long.
    * Use AES, BlowFish, or RC6 for encryption, they are harder to break than other algorithms.
    * More info on RoboForm security: click here.
    I have used Roboform for years and it is one awesome piece of software!

    Regards,

    Jeff

  21. #81
    Member
    Real Name
    Brent Gallagher
    Join Date
    May 2007
    Location
    Maryland Mountains
    Posts
    15

    Default Re: Anyone else get this message

    I have not yet been notified, and I purchased the V9.0 upgrade recently (do not wish to disclose exact date). The failure to notify me is really disappointing. It was only through reading the posts on this forum that I gained knowledge of the breach. I now check daily with the source of my original charge to be certain that I have not become a victim.

    I have used 'TurboPassword' for years, and I am completely satisfied with its ability to generate inconspicuous passwords, and provide me with an affordable and efficient tool to reduce the chance of pw cracking. As has been articulated in this thread, use strong pw protection, and don't take the 'easy' path.

    Just my 2 cents worth, and still awaiting my notification.

  22. #82
    Volunteer Moderator Steve Wood's Avatar
    Real Name
    Steve Wood
    Join Date
    Nov 2003
    Location
    Bay Area, California
    Posts
    8,842

    Default Re: Anyone else get this message

    The failure to notify me is really disappointing.
    I know only those whose data was in a position to be compromised were contacted. So you should feel the opposite.
    Steve Wood
    Join the ALPHA DEVELOPERS NETWORK
    There is no Cloud. It's just someone else's computer.
    Web - Mobile - Hosting - Products - Frameworks - Developer Resources
    AlphaToGo | IADN (100% Alpha Anywhere Websites)

  23. #83
    Member
    Real Name
    James Miles
    Join Date
    Jan 2008
    Location
    Krakatau East of Java
    Posts
    246

    Default Re: Anyone else get this message

    "I know only those whose data was in a position to be compromised were contacted. So you should feel the opposite."

    NOT TRUE. My CC was used for a gift card from Cabels on
    10/14/09. The only thing I ever purchased (and I do mean only thing)on it was V8 & V9. Over the phone. I received NO notification... More than "disappointing."

  24. #84
    Volunteer Moderator Steve Wood's Avatar
    Real Name
    Steve Wood
    Join Date
    Nov 2003
    Location
    Bay Area, California
    Posts
    8,842

    Default Re: Anyone else get this message

    You should call Alpha directly and tell them so. My understanding was they could tell who was at risk, who was not.
    Steve Wood
    Join the ALPHA DEVELOPERS NETWORK
    There is no Cloud. It's just someone else's computer.
    Web - Mobile - Hosting - Products - Frameworks - Developer Resources
    AlphaToGo | IADN (100% Alpha Anywhere Websites)

  25. #85
    Member
    Real Name
    Ross
    Join Date
    Sep 2009
    Posts
    16

    Default Re: Anyone else get this message

    Quote Originally Posted by milesjg View Post
    "I know only those whose data was in a position to be compromised were contacted. So you should feel the opposite."

    NOT TRUE. My CC was used for a gift card from Cabels on
    10/14/09. The only thing I ever purchased (and I do mean only thing)on it was V8 & V9. Over the phone. I received NO notification... More than "disappointing."
    You should ask if the CC's taken over the phone were entered into the same system. I placed my order online and I've been expecting to see others report that their cards were used to purchase domains and hosting because a guy at one of the hosting companies my card was used on recognized the address in Vietnam and said this guy has been hitting ton's of cards.

    I have a hard time feeling disappointed on this one. I've been at hit least 7 times in the last 10 years on 7 different cards and this is the first time anyone has notified me of a security breach. 3 of those cards were never used on the net. I learned in the news that 2 of my cards were breached probably as the result of a gang that was working with gas station employees to somehow grab CC info. 2 from two leaks at the world's largest online law database. The others I have no clue. They say, believe it or not, the least secure method is giving out your CC over the phone.

    The majority of security breaches go unreported. The Identify Theft Resource Center publishes a list of high profile security breaches that have been reported, so far in 2009 they have 429 breaches on their list alone affecting 220,427,887 records: http://www.idtheftcenter.org/ITRC%20...ort%202009.pdf

    Check this one out from 2007:

    TJX Cos reporter that intruders broke into computers sometime in mid December and stolen an unknown amount of customer data including credit card, debit card, check and merchandise return transactions for TJ Maxx, Marshalls, HomeGoods and AJ Wright stores in the US. TJX's Bob's Stores and TK MAX stores are also involved. In addition, Bruce Spitzer, a spokesman for the Massachusetts Bankers Association, said at least eight banks have been affected by a similar breach of information, related to debit cards they issued. The breach may have started as early as 2003. A multi-state and FBI investigation is underway.

    Update: March- the number of affected consumers revealed in a filing with the SEC is 45.7 million customer records. TJX also reported in the filing that another 455,000 customers who returned merchandise without receipts had their personal data stolen, including drivers' license numbers. Update: A settlement has been reached based on info from VISA and Mastercard. Total records updated to 94 million.
    Last edited by RossAllen; 11-12-2009 at 10:24 AM.

  26. #86
    Member
    Real Name
    Donald E. Janssen
    Join Date
    Jan 2007
    Posts
    35

    Default Re: Credit Card Info Stolen

    Reading this thread I now know why I had credit card charges from Cabela (2 for $100). The credit card company caught the entries and closed the card and issued a new one and removed the Cabela charges at once. This occured well over a month ago so I guess I was early on the list and didn't connect this when Alpha sent the e-mail concerning the theft. I'm sure glad the credit card company was on the ball.

  27. #87
    Member
    Real Name
    Steven McLean
    Join Date
    Feb 2009
    Location
    Brampton, ON
    Posts
    260

    Default Re: Credit Card Info Stolen

    Given the recent US court ruling giving the police the ability to seize data stored on servers hosted by 3rd parties without a warrant, I think some WEB App developers my rethink that platform.
    _______________________________
    Steven McLean
    i3 Home Inspections
    Steven@myi3.com

  28. #88
    "Certified" Alphaholic
    Real Name
    Mike Christensen
    Join Date
    Nov 2005
    Location
    Michigan U.P.
    Posts
    5,937

    Default Re: Credit Card Info Stolen

    Steven...Link please to this court ruling? or specific search terms?
    Mike
    __________________________________________
    It is only when we forget all our learning that we begin to know.
    It's not what you look at that matters, it's what you see.
    Henry David Thoreau
    __________________________________________




  29. #89
    Member
    Real Name
    Rick Sloan
    Join Date
    Apr 2006
    Posts
    79

    Default Re: Credit Card Info Stolen

    Hi Mike

    I am not sure about a court ruling, however I did see something about that some months ago here in Canada on one of our news channels. It was in the "ticker tape" news flashes scrolling on the bottom.

    It had something to do with passing a law specifically for authorities and police to view all e-mails without warrant as part of the war on terror. I am not sure if it was the for the U.S., since I saw it here in Canada. It is most likely for here, but it could be both.

    The ticker tape scroll went by quickly but it was definitely there. I was shocked. I waited as long as I could with the time I had for it to go by again, but was unsuccessful. I had to leave. I tried some time later to see if it would go by again, but it must have been at the end of its "news worthiness'. I never saw it again.

    After recent years events, I think we would all be "dreaming in technicolor" if we were naive enough to think that is not happening right now anyway.

    Cheers (to the authorities as well)

    Rick

  30. #90
    "Certified" Alphaholic
    Real Name
    Mike Christensen
    Join Date
    Nov 2005
    Location
    Michigan U.P.
    Posts
    5,937

    Default Re: Credit Card Info Stolen

    Hi Rick,
    I wasn't disagreeing with Steven at all....just wanted to make certain I would read/find the same article....I did just look and found this but seems to contradict what Steven alluded to (maybe this appeal overturned what Steven read?).
    http://www.complianceweek.com/articl...ry-protections

    Getting a bit off topic and was just curious so hopefully we don't dwell on this in this thread.
    Mike
    __________________________________________
    It is only when we forget all our learning that we begin to know.
    It's not what you look at that matters, it's what you see.
    Henry David Thoreau
    __________________________________________




Similar Threads

  1. Need a Message but not an Error Message in a Grid
    By iviowa in forum Application Server Version 8
    Replies: 2
    Last Post: 07-31-2008, 11:16 PM
  2. Error message
    By BGray in forum Alpha Five Version 5
    Replies: 2
    Last Post: 05-16-2006, 10:45 AM
  3. Getting around a A5 system message
    By rfha in forum Alpha Five Version 7
    Replies: 8
    Last Post: 04-24-2006, 12:11 AM
  4. Help message
    By Kenneth Cameron in forum Alpha Five Version 5
    Replies: 7
    Last Post: 03-31-2003, 04:13 AM
  5. Message To All
    By Louis Nickerson in forum Alpha Five Version 5
    Replies: 0
    Last Post: 12-24-2002, 08:55 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •