Gearbest data breach: millions of customers data exposed

wolfdog1226 · 2019-03-16T18:41:14.000Z

neBstress:

I received this email from Gearbest, possibly regarding this very issue.

“IF” this is TRUE,I have nothing to worry about.

I originally though my last purchase was April of 2017,then I looked at my records again and my last purchase from them was 2 X Shockli 26650 last August 2018.

chesterqw · 2019-03-17T12:19:47.000Z

I remember they were breached in either 16, 17, or 18.

which was why I gave up buying from gearbest; IIRC the passwords were stored in plaintext, but I could have remembered wrongly.

CrashOne · 2019-03-17T12:43:34.000Z

I remember the same thing @chesterqw.

Gearbest made this post on FB regarding the data breach:

Facebook

Log into Facebook

Log into Facebook to start sharing and connecting with your friends, family, and people you know.

I think they’re not being completely open/honest about this. I don’t think they can just blame this on a firewall. Passwords are still being stored plaintext, how else could they be visible if a database was accessed?

slmjim · 2019-03-17T15:13:59.000Z

"Quote: Our hackers could access different parts of Gearbest’s database, including: ...Members database Data includes name; address; date of birth; phone number; email address; IP address; national ID and passport information..."

Whyinnahell would GB want or need passport info?

slmjim

teacher · 2019-03-17T15:22:19.000Z

slmjim:

“Quote: Our hackers could access different parts of Gearbest’s database, including: …Members database Data includes name; address; date of birth; phone number; email address; IP address; national ID and passport information…”

Whyinnahell would GB want or need passport info?

slmjim

Better yet, why would anyone give GB Passport information??

neBstress · 2019-03-17T16:41:27.000Z

teacher:

Better yet, why would anyone give GB Passport information??

For 20 GB points!

Well worth it, a bargain!!

WalkIntoTheLight · 2019-03-17T17:55:44.000Z

neBstress:

teacher:

Better yet, why would anyone give GB Passport information??

For 20 GB points!

Well worth it, a bargain!!

Damn… am I stupid for sending them the nude pics of me they asked for?

hank · 2019-03-17T18:10:57.000Z

> national ID

Don’t forget China’s social credit scoring system. Hacking that could do some real damage.

Business Insider

China's 'social credit' system ranks citizens and punishes them with...

Chinese people are being introduced to a program that monitors their behavior, scores them, and doles out punishments and rewards.

EDCba · 2019-03-18T13:41:19.000Z

CrashOne:

I remember the same thing @chesterqw.

Gearbest made this post on FB regarding the data breach:

Redirecting...

I think they’re not being completely open/honest about this. I don’t think they can just blame this on a firewall. Passwords are still being stored plaintext, how else could they be visible if a database was accessed?

Yeah, what? They’re storing password in plaintext?

EDCba · 2019-03-20T06:13:50.000Z

Hmm, if gb doesn’t want to delete your account, but anyone has access to their databases…

AgentSteel · 2019-03-20T20:38:12.000Z

Bad news…

Yep. Never use the same password on different websites.

I like to generate random, long complicated passwords using various utilities, like ‘pwgen’ on Linux. (I would avoid online password generators, you never know… if they get breached )

Sort of one time password, just for a session. Then reQuest a password change the next time you need to login.

G0OSE · 2019-03-20T21:39:28.000Z

AgentSteel:

Bad news…

Yep. Never use the same password on different websites.

I like to generate random, long complicated passwords using various utilities, like ‘pwgen’ on Linux. (I would avoid online password generators, you never know… if they get breached :smiling_imp: )

Sort of one time password, just for a session. Then reQuest a password change the next time you need to login.

Exactly - who needs a password generator anyway? just close your eyes and go for it! fpbgrdfgpbfpasrjajrstabrs9ju0-9!~~]ifp][egpwjg~~ there you go! OOPS! I’ll have to change that now lol!

Lightbringer · 2019-03-20T22:26:56.000Z

Maybe I shouldn’t “broadcast” my GB password, but…

Macka17 · 2019-03-21T02:11:39.000Z

Mine is my First wedding date back in ’63.
with a few squiggles and numbers intermingled.
A REAL secure security prog is very important too.
Everything on this and wife’s comp’s
go through a prog my Bank Manager put me onto 12 yrs ago.

Good enuff for me. My Bank’s group operate under it.

Have NEVER had any intrusions or blue screens since.
Plus it locks out anything it thinks naughty and notifies me
keep or delete.
From OUTSIDE my system. Including any Passwords
NOT from this IP addy.

The_Driver1 · 2019-03-21T12:01:12.000Z

Macka17:

Mine is my First wedding date back in ’63.
with a few squiggles and numbers intermingled.
A REAL secure security prog is very important too.
Everything on this and wife’s comp’s
go through a prog my Bank Manager put me onto 12 yrs ago.

Good enuff for me. My Bank’s group operate under it.

Have NEVER had any intrusions or blue screens since.
Plus it locks out anything it thinks naughty and notifies me
keep or delete.
From OUTSIDE my system. Including any Passwords
NOT from this IP addy.

Which program?

EDCba · 2019-03-25T02:24:47.000Z

To their credit, they deleted my account after asking.

mmalive · 2019-03-28T22:21:27.000Z

Yeah, reason I pay with Paypal exclusively. No chance of any credit card information compromised.

caramba · 2019-04-07T22:19:54.000Z

This gotta be an inside job,
It says all my points expired.

hIKARInoob · 2019-04-07T22:21:48.000Z

caramba:

This gotta be an inside job,
It says all my points expired.

April 1st expires points obtained before October (or something like that).

Macka17 · 2019-04-08T03:13:55.000Z

The Driver.

Bitdefender Total. Paid.
There are several levels, depending on Dollars paid.

We go ALL over the Internet, incl places I shouldn’t.
It catches and blocks everything so far,
and gives you the choices of what to do with each item.
My plan basic. Covers 5 items and you can buy more.
Over 10 yrs now on all day. every day.
So far ALL clean.
Can’t get better than that.
Have tried 90% of the others. Paid and free. Since Win 3.
They ALL gave us hic-cups and blue screens at some time or other.

This one. With me anyway. Just keeps on keeping on.