Komplettes Thema anzeigen
06.02.2012, 20:42
06.02.2012, 20:42
Betreff: David Morgan gehackt (?)
Nun hat es wohl auch David Morgan erwischt.
Zur Kentnisnahme:Die folgende Meldung erhielt ich grade:
Dear David Morgan Customer,
Recently we suffered a criminal theft of some customers’ data from our website, davidmorgan.com. Many of our online account holders’ email addresses and corresponding encrypted passwords were stolen then posted publically on the internet. Please note: no customer credit card numbers were stolen. Encrypted passwords do not enable account access.
As soon as we learnt of the theft, we took the following steps:
We identified and eliminated the weakness in our server software and made other improvements to protect our website from further intrusions.
We requested that the two websites hosting the stolen information take it down. They did so promptly.
We reported the theft to the FBI and will provide whatever further information will help them with their investigation.
We have reset all online passwords. At the same time, we have strengthened our encryption and are requiring stronger passwords to be chosen by our customers.
We have examined the server access logs and other data and to the best of our knowledge, no further information (first and last name, address, etc) was stolen. There is no evidence that any encrypted passwords have been decrypted. The theft was limited to our online accounts and does not affect customers who have purchased online without creating an account. The theft only affects our online server, and does not impact any other segment of our business.
We know for certain that no customer credit card numbers were stolen as those are never stored on our server and are processed on a different computer.
Where possible, we are notifying affected customers, including you, by email of the theft of their email address and encrypted password so that they may be aware that:
a) There is a heightened risk that criminals might email you claiming to be from David Morgan and asking for additional information (phishing);
b) If you used the same or similar password at a different online site, those passwords should be changed as a precautionary measure;
c) You may receive some spam as a consequence of their email address having been stolen.
Additional information can be found on our web site ...
EDIT: Habe eine Mail mit diesem Inhalt an D.M. geschickt um mir diese Meldung bestätigen zu lassen. Eine eventuelle Antwort werde ich euch hier wissen lassen.
Nun hat es wohl auch David Morgan erwischt.
Zur Kentnisnahme:Die folgende Meldung erhielt ich grade:
Dear David Morgan Customer,
Recently we suffered a criminal theft of some customers’ data from our website, davidmorgan.com. Many of our online account holders’ email addresses and corresponding encrypted passwords were stolen then posted publically on the internet. Please note: no customer credit card numbers were stolen. Encrypted passwords do not enable account access.
As soon as we learnt of the theft, we took the following steps:
We identified and eliminated the weakness in our server software and made other improvements to protect our website from further intrusions.
We requested that the two websites hosting the stolen information take it down. They did so promptly.
We reported the theft to the FBI and will provide whatever further information will help them with their investigation.
We have reset all online passwords. At the same time, we have strengthened our encryption and are requiring stronger passwords to be chosen by our customers.
We have examined the server access logs and other data and to the best of our knowledge, no further information (first and last name, address, etc) was stolen. There is no evidence that any encrypted passwords have been decrypted. The theft was limited to our online accounts and does not affect customers who have purchased online without creating an account. The theft only affects our online server, and does not impact any other segment of our business.
We know for certain that no customer credit card numbers were stolen as those are never stored on our server and are processed on a different computer.
Where possible, we are notifying affected customers, including you, by email of the theft of their email address and encrypted password so that they may be aware that:
a) There is a heightened risk that criminals might email you claiming to be from David Morgan and asking for additional information (phishing);
b) If you used the same or similar password at a different online site, those passwords should be changed as a precautionary measure;
c) You may receive some spam as a consequence of their email address having been stolen.
Additional information can be found on our web site ...
EDIT: Habe eine Mail mit diesem Inhalt an D.M. geschickt um mir diese Meldung bestätigen zu lassen. Eine eventuelle Antwort werde ich euch hier wissen lassen.
Hans
Dieser Beitrag wurde 2
mal editiert, das letzte Mal am 06.02.2012, 20:52 von "Indy" Hans.