[solved] If you're a customer of Intl-Outdoor there is the possibility that your data is online

Yep still available…now I have stolen all your identities…muhhaaaw >)

How do you change your password can't find a link on the site?

I'll add that it only shows up in google search, the whole in their system seems to have been fixed. Can anyone confirm my theory that before you could download a SQL file with everyones info in it?

yes, that is exactly what happend. You could download the whole file directly from their site. They responded swiftly to the mails and took it down, but still this should not have happend in the first place.

Somebody should submit a Google takedown request to get that data removed from Google’s cache.

I imagine the request would be processed faster if the site owner (Intl-Outdoor) were to submit the request. Maybe somebody could suggest this to them.

I forwarded a link to SB’s post directly to Hank.

Still available(not with google) and now I know the addresses of you guys so we can shut down the forum and write old school letters?…

I request a password before every order so I have no issues with that.

How are you guys seeing this stuff? I tried searching via google but come up blank.

Ohhh boy…

I don´t use same user / password in ANY 2 sites over the net.
And I can assure, there are a TON of them. I keep a list of passwords.

I just changed my IOS password, but have no idea what the old one was. I know that my BLF password is as complex a password as I use (because I have to use capitals, numbers, punctuation etc, but again, have no idea what it is, and can’t remember how or where to check what passwords Windows 7 stores for me.

Changing the PW at IO doesnt make any sense because your old password was visible..

Quote before its gone. :P

Well, people now go crazy about "I have to change my password at IO so nothing bad happens to other sites".. fact is, that the old password was visible and someone probably saved them. Thats why I said: change the password on other sites where you used the same email/password combination.

Copy that?

Maybe I should have written "Changing the PW only at IO..".

If you still dont understand, I'll explain it to you via PM in German (because obviously your english skills are non-existent *troll the troll*) ;)

If you still dont understand, I'll explain it to you via PM in German (because obviously your english skills are non-existent *troll the troll*)

I like it.

Why writing a Pm, now you can send a postcard to the address from the customer database……

And we should demand some discount for this dumb backup…a free gift for everyone :smiley:

It was encrypted, but I guess if you had one clear-type password (for example your own) and the matching hash key, you could find out how to decrypt the rest. Not too hard..

well i guess it would be possible to extract all hash keys from the file automatically at once, e.g. with a clever text editor or mma, and then feed the list of MD5's to google webpages such as hash-cracker.com but i dont believe that any of us flashaholics is up to the task. besides, since MD5's are irreversible, the password would have to be in the database of 700 mio strings already. if your password is really unique e.g. the string kreisler then the MD5 could not be decrypted ;)

And now..

..gimme da hash!!

;) hehe

Yeah, who ever downloaded the page could have easily gotten everything... At this point I don't see a need to shop at Intl-Outdoor again, they put my public information out on the web. I think someone needs to crack the hashes and fill in all of the info including passwords and send that on to Intl-Outdoor to point out how insecure it was.

Hmmm, I thought I paid with Paypal, am I compromised too?