[solved] If you're a customer of Intl-Outdoor there is the possibility that your data is online

Aren’t they out for cny? If so, there may not be anyone to deal with this :expressionless:

ive seen hank on gmail messenger… you could try that

Yeap, I saw it.
Why the subject is “solved”? Data are still available. In addition I can see some amounts of the transactions.

I'm not seeing any transactions, just: full name, address, phone number, email, and a encrypted version of their password.

For example:

INSERT INTO `orders_status_history` VALUES(‘4611’,‘1538’,‘2’,’2012-03-20

16:02:29’,‘0’,’Transaction ID: 5YU21003UL582231C nPayment Type: PayPal

Express Checkout (instant) nTimestamp: 2012-03-20T23:02:28Z nPayment

Status: Completed nAmount: 92.00 USD ’);

Fancy trying graham Entwistles phone number? Just for a giggle.

Damn, you're right. At least there is no way for them to release the paypal account's password as they never get it. ;) I also found IP addresses.

I just had a phone call, someone trying to sell me paisley…….

i like a hint of paisley on my spam in the morning… is that shiz easy to grow???

I can’t come up with anything. Do you have to log in? How does one enter sql into the search?

If you find out, let me know, I pm-d someone to ask them but didn’t get through.

Guys, as someone who knows this stuff I'm not going to share a link. Much better if less people find it.

I agree.

I have sent PMs to a few of the people above but here my official response is.

Sorry, but I’m not going to share a link to the info just because I would prefer for less people to know about it. If you have purchased from IO your: full name, address, phone number, email registered with them, paypal email, paypal transaction ID #, IP address, shipping option, currency paid in, and a encrypted version of your password are all on it.

Sorry,

David

Yeah, this isn’t good. I just Googled and quickly found a 32 megabyte SQL dump file of what is probably their entire database, still available on their site.

I just edited their BLF rating page and removed the “Recommended” badge…

Yeah, someone has really screwed up in their case. Thanks for doing that, I was going to suggest it anyways. ;)

meh…. i should probably change all 308,938,392 of my online passwords now right?

its been a while since i changed everything… i dont use the same thing for everything though… i recently changed my intl outdoor pass because i forgot it … but who knows when the sql dump is from

Well that sucks, I didn’t use a password that is used elsewhere and my info is all over anyways… I’m not really worried but it’s still disheartening to see this happen in what used to be a moderately trusted business. Such is the reality of the web nowadays, things are never completely secure (Which is why I’m never completely trusting, least here on the webs).

I do, actually. It’s clearly labelled with the date of the dump. I won’t mention it here to avoid making it easier to find, though.

ok… i guess its time to change my passwords just to be safe then