[solved] If you're a customer of Intl-Outdoor there is the possibility that your data is online

gords1001
Joined: 05/07/2012 - 14:02
Posts: 5276
Location: wigan england

I’m still waiting on that phone call, scaru, you’re no fun… :bigsmile:

brad
Joined: 12/04/2012 - 02:07
Posts: 2408
Location: USA

I do hope that someone has enough integrity to pm me the link rather than patronize me and treat me as an outsider.

Not what we have but what we enjoy, constitutes our abundance.

scaru
Joined: 03/22/2012 - 13:36
Posts: 6946
Location: Virginia

brad wrote:
I do hope that someone has enough integrity to pm me the link rather than patronize me and treat me as an outsider.

Brad, I offered to send you your information; however I still feel it is best not to share this. If I give you the link then I have to give it to everyone, and then the bots will pick it up.

Pulsar
Joined: 07/29/2011 - 00:41
Posts: 5848
Location: Maine

you got my phone number? text me S)
this is bad news though, really…

scaru
Joined: 03/22/2012 - 13:36
Posts: 6946
Location: Virginia

Pulsar wrote:
you got my phone number? text me S) this is bad news though, really...

We would need your name or address or email to get that, this is because you never registered as Pulsar over at Intl-outdoor. (Checked Wink )

scaru
Joined: 03/22/2012 - 13:36
Posts: 6946
Location: Virginia

Ok, I just talked to Hank and the place where I found it has now been taken offline. Big Smile

Speedsix
Joined: 12/04/2011 - 14:49
Posts: 1676
Location: San Diego, California

Makes me glad I have not shopped with them yet. Was going to but didn’t get around to placing my order. Makes me NEVER EVER want to shop with them in the future. Don’t need the risk.

Pulsar
Joined: 07/29/2011 - 00:41
Posts: 5848
Location: Maine

The problem is an easy fix and it should be fixed by now… The webmaster should have known better, yes… It was a pretty serious oversight by them.

Rufusbduck
Joined: 04/04/2012 - 15:34
Posts: 10389
Location: Golden state

After my one and only purchase there I was sent a password via email to check on my order. That password is used nowhere else so that’s okay right?

Three Tanna leaves to give him life, nine to give him movement. But what if he eats the whole bag?

Scott

Suncoaster
Joined: 02/22/2012 - 07:14
Posts: 2192
Location: Where the girls are green and the grass is pretty.

Rufusbduck wrote:
After my one and only purchase there I was sent a password via email to check on my order. That password is used nowhere else so that’s okay right?

Yes, but your name and address, email, IP address and probably the order details are out there.

"In the land of the blond the one eyed man is king."

*This message is protected with ROT26 encryption.Old Lumens

Rufusbduck
Joined: 04/04/2012 - 15:34
Posts: 10389
Location: Golden state

So is there a loaded gun pointed at my head or what? I haven’t a clue what I’m supposed to be worried about or what I should be doing about it.

Three Tanna leaves to give him life, nine to give him movement. But what if he eats the whole bag?

Scott

Bort
Joined: 06/01/2012 - 17:15
Posts: 8338
Location: Holding the proverbial flashlight

i knew i should have changed my name to john smith when i turned 18, good luck tracing that

The Journal of Alternative Facts TM

"It is critical that there is a credible academic source for the growing and important discipline of alternative facts. This field of study will just keep winning, and we knew that all the best people would want to be on board. There is a real risk in the world today that people might be getting their information about science from actual scientists"

Suncoaster
Joined: 02/22/2012 - 07:14
Posts: 2192
Location: Where the girls are green and the grass is pretty.

Unless you are very protective of your privacy, that’s pretty much the same as the phone book gives out.
So don’t worry, you’re probably not a burglar’s target just because of the XinTD you may have bought.
I expect some spam, maybe targeted, as the database is a valuable resource for other related businesses. It also reveals some of intl-outdoor’s turnover.

Although it’s probably not difficult to put names to some BLF logins, as some people may have put “Hi, I’m Ralph on BLF/CPF” in the order comments. I know I did.

"In the land of the blond the one eyed man is king."

*This message is protected with ROT26 encryption.Old Lumens

Rufusbduck
Joined: 04/04/2012 - 15:34
Posts: 10389
Location: Golden state

Thanks SC, name and address have been out there my whole life. House is a dump and not much worth taking but it’s my dump. Or will be, maybe, someday. Okay, the bank (new one this week) still owns most of the part above ground.

Three Tanna leaves to give him life, nine to give him movement. But what if he eats the whole bag?

Scott

PierCC
Joined: 09/08/2011 - 15:26
Posts: 81
Location: Italy

sb56637 wrote:
I just edited their BLF rating page and removed the “Recommended” badge…

You did very well, this is really a bad thing

Hank Wang
Joined: 10/19/2011 - 10:28
Posts: 638
Location: China

We would like to extend our sincere and official apology for the leaking of the customers’ personal information online, which was caused by our technician mishandling.

As soon as the issue was reported, we closed the link and asked Google to delete all the information. A thorough security inspection has been done on the site.

We totally understand your dissatisfaction and the severity of this issue.

Maybe some of you will never forgive us for such a mistake, but we still want to express our feeling towards this issue.

Regards!
Hank

https://intl-outdoor.com, Noctigon, Emisar, flashlight components.

kreisler
Joined: 11/12/2011 - 23:32
Posts: 3992
Location: Deutcheland

i will accept 50% OFF on my next order as gesture of indemnification

*FMI* i got 4 i/o sh

atbglenn
Joined: 07/29/2011 - 12:04
Posts: 5766
Location: Long Island, New York

I let lastpass generate my passwords. I'm not too worried

Boycott Nike

Pinetreebbs
Joined: 07/29/2012 - 10:39
Posts: 588
Location: South Carolina, USA, Earth

This situation was bad, but sometimes those that get burned take the most thorough steps never to let it happen again. Before you write off a company for one mistake, remember, it is very unlikely that they are the only one that had or has a security problem. Other companies either do not know they have problems or discovered them and never said a word.

What can you do to protect yourself?

Do not reuse Passwords

Use complex passwords unique to every site you visit, a minimum of 16 characters or more if the site allows.

Complex PW are a PITA so get yourself a password management application, e.g., LastPass, Dashlane, etc.

The application will not only remember your complex passwords it will also generate them as needed, you only need to remember one (strong) password to get into the application. Not only do they store passwords they can also store data to fill in forms.

Pinetreebbs
Joined: 07/29/2012 - 10:39
Posts: 588
Location: South Carolina, USA, Earth

atbglenn wrote:
I let lastpass generate my passwords. I’m not too worried

+1 Ding, Ding, Ding

Ouchyfoot
Joined: 09/01/2012 - 06:15
Posts: 5089
Location: Canada

Will Lastpass work with an ipad?

Pinetreebbs
Joined: 07/29/2012 - 10:39
Posts: 588
Location: South Carolina, USA, Earth

Ouchyfoot wrote:
Will Lastpass work with an ipad?

I use it on an iPod Touch so my guess is yes. It’s a browser add on that works with Safari, Opera, Chrome, Firefox, IE browsers.

https://itunes.apple.com/us/app/lastpass-tab-browser/id372722009?mt=8

DarkSide
Joined: 06/04/2012 - 01:50
Posts: 792
Location: NYC

Hank – As the term goes “shit happens”. The problem is this type of S—t can’t happen. Can i ask if anything what protocols will Int’l Outdoors put in place to guard against another or similar breach of information? Perhaps you can share what actually occurred and the plan to address the problem with someone here that’s trusted and familiar with the terminology? I think this can help build confidence on both sides. Not there’s two sides yet in the end we just want confirmation this cannot happen again regardless of circumstance.

Hank Wang wrote:
We would like to extend our sincere and official apology for the leaking of the customers’ personal information online, which was caused by our technician mishandling.

As soon as the issue was reported, we closed the link and asked Google to delete all the information. A thorough security inspection has been done on the site.

We totally understand your dissatisfaction and the severity of this issue.

Maybe some of you will never forgive us for such a mistake, but we still want to express our feeling towards this issue.

Regards!
Hank

Pulsar
Joined: 07/29/2011 - 00:41
Posts: 5848
Location: Maine

the problem was they had a directory open that wasn’t properly hidden. i think the worst thing that will come out of it is some spammers have a list of emails for a very specific target. not saying that it was not a big security flaw, and the webmaster should have not let it slide… but i don’t think that it is as big of a deal as many think
look at hannaford. they had compromised hundreds of thousands of people by allowing their database of credit card info to be leaked. this was a major inconvenience since i was out of state when my debit card got shut off, and i don’t carry cash. i still shop there every week and still use my debit card.

ri chevy
Joined: 11/26/2011 - 20:50
Posts: 782
Location: Ocean State

I already started to receive garbage Chinese E-mails. |(

I have not received any e-mails like this in the past few years, but today, I started to get them. Go figure. Coincidence? Or just lucky?

Vectrex
Joined: 05/01/2010 - 15:39
Posts: 2778
Location: Gemany (according to my Black Cat)

Did you get the typical advertisement for body parts enlargement pills or something flashlight related?

Steve_the_Chief
Joined: 11/19/2011 - 06:12
Posts: 597
Location: Germany

I noticed an increase in spam mails too, but nothing flashlight related, just the typical crap.

Suncoaster
Joined: 02/22/2012 - 07:14
Posts: 2192
Location: Where the girls are green and the grass is pretty.

I’m monitoring spam to the email address I used at intl-outdoor.com as well, and there has been no statistically significant rise.

Since the db was leaked:
One fake facebook notification and One Canadian Meds,
both of which were appearing previously.

"In the land of the blond the one eyed man is king."

*This message is protected with ROT26 encryption.Old Lumens

csshih
Joined: 10/13/2011 - 15:21
Posts: 104
Location: San Jose

I wonder what kind of hash they were using. unsalted? modern systems can crack those in moments.
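
Added example, not part of the thread or of the shop's code: the concern raised in the post above, shown on a constructed account table. It assumes an unsalted SHA-256 digest as the weak scheme and salted PBKDF2-HMAC-SHA256 as the replacement; the thread does not say what the site actually used.

```python
import hashlib
import hmac
import secrets

# Constructed sample accounts (not from the leak): two users share a password.
ACCOUNTS = {"alice": "flashlight123", "bob": "flashlight123", "carol": "xintd-2012"}

def unsalted_digest(password):
    """Weak scheme (assumed for illustration): one fast hash, no salt."""
    return hashlib.sha256(password.encode()).hexdigest()

def hash_password(password, iterations=600_000):
    """Per-user random salt plus a deliberately slow KDF."""
    salt = secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password, stored):
    """Recompute with the stored salt and compare in constant time."""
    _scheme, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))

def shared_digests(table):
    """Users whose stored values are identical; visible to anyone holding the dump."""
    groups = {}
    for user, stored in table.items():
        groups.setdefault(stored, []).append(user)
    return sorted(sorted(users) for users in groups.values() if len(users) > 1)

def build_tables(iterations=600_000):
    """Store the same constructed accounts under both schemes."""
    weak = {u: unsalted_digest(p) for u, p in ACCOUNTS.items()}
    strong = {u: hash_password(p, iterations) for u, p in ACCOUNTS.items()}
    return weak, strong

if __name__ == "__main__":
    weak, strong = build_tables()
    print("unsalted, identical digests:", shared_digests(weak))
    print("salted, identical records:  ", shared_digests(strong))
    print("login still works:", verify_password("flashlight123", strong["bob"]))
```

With the unsalted scheme, equal passwords produce equal digests, so one precomputed lookup covers every account that shares a password; the per-user salt and iteration count remove both shortcuts.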

ri chevy
Joined: 11/26/2011 - 20:50
Posts: 782
Location: Ocean State

I don’t open them, just sent them to the junk mail box then deleted them from there. I was afraid to open them. It did not appear to be anything flashlight related, just general junk. Nothing about body part enlargement or anything like that either. As I said, I only looked at the titles, and did not open them up. I deleted them immediately.
