BotCon  

Fun Publications Security Breach Update - Replace Cards Used in Previous Stores Immediately; Range of Information Breach Unknown

Fun Publications has sent out a new update to all members regarding the ongoing investigation of the security breach (ongoing coverage) of their online store.

The security firm has found that the Fun Publications store was subject to a SQL injection code attack sometime before Christmas.

This type of attack can be done by guessing the SQL schema and manipulating data.

The attack was undetected and allowed hackers to continue to return to the server at any time and access additional customer information.

As it was previously recommended, if you still have any credit cards that were used on the old club store at any time, cancel and replace the cards immediately and change any common passwords used between the club store, credit card websites, or any other sites.

The new store that launched last week is currently offline to process orders, but Fun Publications reiterates that it "is a totally different piece of software, at a totally different hosting site."

FULL STATEMENT

    Here is the latest update on the credit card security investigation.

    The firm we have hired to analyze our former ecommerce server and software has preliminarily determined that we did incur a SQL injection code attack sometime before Christmas. Our ISP did have a commercial product installed that was supposed to defeat these types of attacks, but apparently it failed.

    This allowed the hackers access to our order information. While it is still unknown exactly what data they were able to harvest (investigation continues) we need to assume that they were able to extract all of our order information. The security firm thinks that this attack has allowed the hackers to come back periodically and harvest more information. However, once the old server was taken out of service (around February 21st) there was nothing left for them to access.

    Once this information was stolen, (no matter if it was back before Christmas) there is no time frame as to when the thieves may sell or try to use the information to purport credit card theft.

    What does this mean to me?

    We are asking again that anyone who has used a credit card in our old online systems in the past year (NOT THE NEW STORE) to get your card replaced immediately. If you have done this already, there is no action required on your part.

    We apologize for the inconvenience, we know this whole thing is a pain, but it is better to replace the cards than have to deal with any issues that may result from this theft of data. Even though the amount of fraud has greatly declined, we are still receiving a customer report every few days of someone else (who hasn’t replaced their cards) getting hit. We strongly encourage you to take this step immediately if you have not done so already. Again, this DOES NOT pertain to any cards that have been used in the new store.

    What is the plan?

    We are still working on all of the issues and are several weeks away from a final resolution. Our new store is currently offline while we complete the entries and audit the data from the renewals we received last week. Just to reiterate, this new store is a totally different piece of software, at a totally different hosting site. There are hundreds of other retailers using this same software as it is hosted by the software creators.

    We hope to have the store online and registration system back online sometime next week. When the store comes back online, we will be adding products slowly so it will take some time to have everything back in the store.

    Thank you for your patience and support during this trying issue.

    Brian

Data Center

Member Comments

NO COMMENTS YET
Start the coversation!

Post A Comment
(Membership Required)

Transformers Shops

Advertise Here on TFormers.com

Shop Online for Transformers Age Of The Primes

The affiliate links on this site may generate revenue for it when a purchase is made

Transformers Shopping



More BotCon News & Reviews



Advertise Here!








This site uses cookies for site configuration, advertising, and analysis. By using this site you accept our policies - Read Full Site Policy OK
Sign Up For The TNI Newsletter And Have The News Delivered To You!
SOCIAL NETWORKS

ToyNewsI MarvelousNews Tformers JediInsider
Entertainment News International (ENI) is the oldest, largest, and most popular news source for adult toy collectors (kidults) all around the world.

Get the scoop every day on all the popular culture action figures, comics, games, movies, toys, and more!

Contact and Support
Advertising | Submit News | Contact ENI | Privacy Policy


All images, trademarks, logos, video, brands and images used on this website are registered trademarks of their respective companies and owners. All Rights Reserved. Data has been shared for news reporting purposes only. All content sourced by fans, online websites, and or other fan community sources. Entertainment News International is not responsible for reporting errors, inaccuracies, omissions, and or other liablities related to news shared here. We do our best to keep tabs on infringements. If some of your content was shared by accident. Please Contact us about any infringements right away - CLICK HERE
UPDATE LOW_PRIORITY nuke_stories SET counter=counter+1 where sid=17397