December 5, 2014 at 9:23 pm #203337
I just received an email from soshkt@gmail.com and it included an 84-page PDF of user names and passwords from the idev affiliate table of Joomlart. Nothing is encrypted. I see it all. Here’s the message on top of the PDF:
<blockquote>Hi .This is your details from Joomlart.com Affiliate program
all your password are not decoded and they can see your password
If you need more details contact us soshkt@gmail.com
We have 360000 Joomlart’s forum users email that you can use for ads</blockquote>
I won’t post the info or an image but I can tell you my full name, email address and password are in this list along with username.
Someone better do something about this FAST!
December 5, 2014 at 9:25 pm #557698
The actual database table is: Database: joomlart_user, Table: idevaff_affiliates
mspritely (Friend)
December 5, 2014 at 10:16 pm #557702
I also received the same email and can confirm that the info sent is VERY REAL.
Joomlart — You have been hacked and I can't believe that you stored our passwords in PLAIN TEXT. This is just awful.
The cat's out of the bag – I can suggest to EVERYONE that they change passwords now.
What an awful breach of your security and failure to keep our info private.
1 user says Thank You to mspritely for this useful post
December 5, 2014 at 10:38 pm #557703
<em>@mspritely 456316 wrote:</em><blockquote>I also received the same email and can confirm that the info sent is VERY REAL.
Joomlart — You have been hacked and I can't believe that you stored our passwords in PLAIN TEXT. This is just awful.
The cat's out of the bag – I can suggest to EVERYONE that they change passwords now.
What an awful breach of your security and failure to keep our info private.</blockquote>
Everyone change your password. I tested a random account and was indeed able to log in to PayPal and see everything. I immediately called PayPal and someone from the executive team is going to call me back shortly.
Everyone change every password.
mspritely (Friend)
December 5, 2014 at 10:53 pm #557704
I did a search on the email sender and found that he has offered a list of user names before.
Here is the link to the Google search:
soshkt@gmail.com
https://www.google.com/search?q=soshkt%40gmail.com&oq=soshkt%40gmail.com&aqs=chrome..69i57j69i58.199j0j4&sourceid=chrome&es_sm=119&ie=UTF-8
He posted on the Joomla message board on Nov 25th.
Can't tell if he is offering the same list of names but he certainly cracked the Joomlart database and is selling ours now.
Joomlart – PLEASE address this issue.
All others – PLEASE change your passwords now!!!! Especially PayPal.
December 5, 2014 at 11:16 pm #557705
I’ve contacted the fraud department at PayPal and gave them the user email that I was easily able to log in to on PayPal so they are working on it right away.
I’ve sent an email to Hung but haven’t heard anything back. Tried to contact Tucows to temporarily shut down access to the domain, no avail. Not many seem to be able to see this forum post so I’m not sure what else to do but this needs to be addressed
IMMEDIATELY!!!!
vivacomputers (Friend)
December 6, 2014 at 8:56 am #557724
I also got the email just now! I have changed my password at least for the most important sites. Here for Joomlart a different one because I don’t trust it anymore… but I want to keep in touch for news.
It is a big shame that they got hacked, especially with all the payment information that is stored here!
Joomlart get your act together!
Arvind Chauhan (Moderator)
December 6, 2014 at 9:15 am #557725
Hi Guys,
Yes, it's a very serious issue and we are already working on it. The affiliate system has been taken down and we are sending out emails to all the affiliate accounts to update them of the breach and change their passwords.
Apart from our tech guys, we have hired a server security person to analyze the extent of the breach.
We are putting up a blog post soon to inform all and will keep updating as we get more details.
Arvind
triumph (Friend)
December 6, 2014 at 9:15 am #557727
I received the same email this afternoon. My account, email address, username and password are now public knowledge.
Why has Joomlart NOT notified ALL of its members???
I’m really disappointed that there has been no response from the Joomlart team on this matter.
I’ll be spending the entire day reviewing and changing logins/passwords throughout my company.
Every supplier from now on will have a different password.
Arvind Chauhan (Moderator)
December 6, 2014 at 9:37 am #557730
Hi Triumph,
We are sending out emails as I write this. We have been working on it since we knew of it a few hours back. A blog post is also coming up and we will be updating it as we have more information. We have also reached out to the hacker, apart from asking close friends to help with the server audit and get the full extent of the breach. Only the affiliate system has unencrypted passwords and it was to be replaced with another system soon.
I know it's a serious lapse and we are in damage analysis and control.
Will keep you updated.
Arvind
Operations Manager
James Weston (Friend)
December 6, 2014 at 10:21 am #557733
Does this affect regular template club members?
pavit (Moderator)
December 6, 2014 at 10:59 am #557738
Hi @origomedia
<blockquote>Does this affect regular template club members?</blockquote>
Please take a look at blog post HERE
Arvind Chauhan (Moderator)
December 6, 2014 at 11:19 am #557739
<em>@origomedia 456356 wrote:</em><blockquote>Does this affect regular template club members?</blockquote>
Not in terms of passwords as all are encrypted. We will still enforce a hard reset for all users across all our sites as soon as our server security is confirmed. We are also negotiating with the hacker to get more details. We have the blog up and all updates will be pushed to it. Our first responsibility is towards our members and with that in mind we are trying our best. Sit tight; if you are using common passwords, better to change them.
Regards
Arvind
This topic contains 14 replies, has 7 voices, and was last updated by Arvind Chauhan 9 years, 11 months ago.