Discussion - Member to Member Sales - Research Center
Discussion - Member to Member Sales - Research Center
We discovered over night that the Stamporama website has been hacked and data from the membership database has been taken. All of our emails, password and phone numbers were posted on a website called skymem.com on Sept 21. Arno found this after investigating Alyn's post re his password having been changed by someone. I have requested that the information be taken down from the skymem.com website, but it could well be posted there again. We have no knowledge about the stolen information being used apart from the fact that it was posted on the skymem site.
I believe that I have found where they got in and have closed the security hole. I apologize sincerely that the security hole existed and that I hadn't caught it before.
It is very important that you go onto the Members Area and change your password. Even more important than that, if you use the same password that you use on Stamporama on other websites, especially if you use the same email address on those other websites, you should go and change your password on those websites. This is especially important if you use your stamporama password for any banking websites etc.
To change your password on Stamporama, login and go to the Members Area and use the "Change Password" function, which is right underneath the Edit Profile function. Please let me know if you need help.
I have sent this message out to all active members, except those who have unsubscribed from the bulk emails.
Regards ... Tim.
4 Members
like this post.
Login to Like.
Thank you, Tim -
I'm sure I speak for others in saying we appreciate your prompt response in this.
...password changed!
Randy
3 Members
like this post.
Login to Like.
me2. thanks.
Login to Like
this post
Makes you wonder what these idiots get out of doing stuff like that. They ought to get a job! 
Anyway, my p/w now changed. Thanks for the update.
Login to Like
this post
pw changed --thanks, Tim.
I am concerned that members who do not read the DB will not know of this. Is there any way to do a mass email?
BOB
Login to Like
this post
Hi Bob,
There is an email going out to all active members right now (except to the members who have unsubscribed to the bulk emails). I have also posted the message on the SOR Facebook page.
Tim
Login to Like
this post
If there had been any widespread abuse, I believe we would have become aware of this issue much earlier. Great. Tim, that you have figured out and fixed the vulnerability.
What are you going to do about such lowlifes? We could consider requiring mandatory password changes every couple of months, but that is probably not very popular with most users. So, I believe that falls into the realm of the internet being a scary place and to always be guarded, i.e., to use different passwords for different places and to change them once in a while. Of course, me too is guilty of not doing so at all times.
Login to Like
this post
Maybe we need to consider to encrypt password.
Nobody should be able to decrypt it, even users can only reset, not recover.
Sam
Login to Like
this post
Sam,
You and I had the same thought. I'm looking into encrypting the passwords now.
Regards ... Tim.
Login to Like
this post
"Makes you wonder what these idiots get out of doing stuff like that."
If anything, practice for the big money hack jobs later. Scumbags, nonetheless.
This a good reason to update passwords on a regular basis and to use different ones on different sites.
Peter
Login to Like
this post
PW changed! Thanks for the warning!
biggeorge
Login to Like
this post
For all those sites that want a password but cannot hurt me - for example, a newspaper that requires a log-in but does not have my credit card - I use a single password.
At last count, there were dozens & dozens of such sites using that non-critical, non-financial, pretty-much-zero-impact password.
The very idea of making-up 50-100 different, secure passwords - for each credit card, retailer, etc - and changing them strikes me as ridiculous.
I've tried password-generating software but, frankly, did not like the results, as I have to save the whole password in a convenient electronic place, and having a document on my desktop with a long list of URLs and passwords does not appeal to me.
Without giving away your family jewels, how do you manage your flock of passwords?
Cheers,
/s/ ikeyPikey
1 Member
likes this post.
Login to Like.
Changed mine!
Thanks for the warning!
Login to Like
this post
Thanks for keeping us all on our toes, Tim. Password(s) changed. We get too lax with changing them periodically.
Login to Like
this post
"The very idea of making-up 50-100 different, secure passwords - for each credit card, retailer, etc - and changing them strikes me as ridiculous.
"
Famous last words.
Login to Like
this post
Back from current trip....Thanks have changed PW
Login to Like
this post
Changed mine, thanks for the warning Tim.
If anyone is using Firefox, all your saved passwords are available to see. Go to Options in the menu (3 bars) icon, top right of screen. Click on security, passwords and view passwords.
Personally I keep mine in a book that is then hidden within other papers but mostly memory works well after a few entries.
Login to Like
this post
Password changed - thanks for the info.
James
Login to Like
this post
Thanks Tim............I'm changed
Login to Like
this post
Changed mine, too!
Login to Like
this post
Done!
Login to Like
this post
Thank you for Tim
all changed now!!!
Login to Like
this post
Done thanks !
Login to Like
this post
Changed. Thanks for the email!
Mark
Login to Like
this post
Passord changed... thank-you for your diligence!
David
Login to Like
this post
Thanks to SOR adminstrators for being open about this and addressing this so quickly!
I will add the following. I noticed an uptick in the number of spoofed emails from SoR members over the past 2 weeks. Oftentimes, the mailbox is actually correct but the domain name is different. The spoofing appears pretty convincing, otherwise, because they are using our full names rather than our username handles. I was concerned about this enough to contact at least one SoR member about this.
I think now I know why the uptick in the spoofed emails.
So please be advised to be extra careful to check the domain name in any emails you think you are receiving from SoR members. I'm not saying toss any emails from SOR members, but that you should check to make sure the domain name is the same as in the emails you received from them in the past.
Login to Like
this post
Changed - thank you !!
Login to Like
this post
Like khj, I've also gotten e-mails that seemed to come from SOR members; however, unlike real messages these latest e-mails have been routed to my spam box rather than my inbox. I'm not sure how the Yahoo spam filters detect the difference, but I've made a note not to open any items in the spam box. The two I did open didn't appear to have any clickable links, but had nothing to do with stamps. I've also changed my password.
Login to Like
this post
Thanks, Tim for catching this quickly and closing the entry hole the hackers accessed. Keep up the good work.
Got my p/w changed.
Login to Like
this post
Thanks, changed this one and 3 others that were minor.
1 Member
likes this post.
Login to Like.
Just changed mine. Thanks Tim.
Login to Like
this post
Password changed....
Anyway, as online security is part of my profession, I've got two (ok, three) suggestions
1) instead of asking users to change password, the system/admins should automatically update everybody's password in situations like this. Then ask users to simply reset their password (using email based opt-in/confirmation system). That way any further damages are immediately prevented instead of relying whether or not all users read the notification.
2) Hashing passwords in database is MUST DO action. Storing passwords as plain text (or with simple encryption) has been big no-no for the past decade. (Again, if it requires resetting everybody's passwords, so be it. )
3) In addition of member details, I'm bit worried if also private messages have been affected/leaked as well? Personally I would never share any sensitive information (such as credit card details) using anything as insecure as email or members messages, but I do know for a fact that some collectors do so.... If the messages have leaked as well, then it might be a good idea to ask users to kill their credit cards if they have shared their credit card details using private/members messages.
Just my 5 cents worth,
-k-
Login to Like
this post
Hi Scb,
Thanks for your suggestions. It is much appreciated especially as you are an IT professional. Below are some comment/explanations re your comments.
1. As we stand today I don't have a way for a member to change their password unless they are logged in. If I globally changed everyone's password, which would have addressed the initial security breach, no-one would have been able to login. It was quickest to ask everyone to help get them changed.
2. I'm working today on implementing password encryption across all membership records so that even if someone manages to hack-in again, they will not be able to read the passwords.
3. I don't think that they got to the private messages, but I can't be sure. We should all keep a close eye out for anything strange.
Thanks again for you your comments.
Regards ... Tim.
1 Member
likes this post.
Login to Like.
Thanks for the information. My password is changed.
Appreciate all the hard work that has to be done.
Suzanne
Login to Like
this post
Password changed, but I wonder if other sections on the system have been affected.
Tony
Login to Like
this post
"... Famous last words ..."
So, yes, you have 50-100 different secure passwords, and change them 2x/year?
Login to Like
this post
Thanks Tim. PW changed
Greg
Login to Like
this post
Changed - and I changed my password on all of my other selling sites that use the same email. At least my PAYPAL account I had already set up with a different password because I have been hit there a few times.That is the one that could cause the most issues - if they could get into there with the password from here.
1 Member
likes this post.
Login to Like.
Hi Tim,
Thanks for the warning - password changed
Merv
Login to Like
this post
Changed my PW too
Login to Like
this post
Done. Thanks for spotting the problem so soon, and hopefully no harm done to any members.
Login to Like
this post
Thanks for the quick heads up on this Tim! PW changed.
Was our street addresses post on the site too? Stamporama is the only stamp forum I belong too that requires a street address for membership.
1 Member
likes this post.
Login to Like.
Hi Brian,
No the street addresses were not posted on the hacker site.
Regards ... Tim
Login to Like
this post
Hi Tim,
Thanks for securing the site and plugging the leak. I am just wondering what exactly showed up on the hacker site?
All the best,
Alyn
Login to Like
this post
Ikey-Pikey said;
"Without giving away your family jewels, how do you manage your flock of passwords?"
I have an old address book that I have written all my passwords in to all my sites used.
This is done for 2 reasons -
1) so I don't have to REMEMBER them all!
and
2) in case anything happens to me
, my wife can access all my stuff with no problem - after all, when I'm gone, it's all hers!
Randy
1 Member
likes this post.
Login to Like.
Thanks Tim. Job well done!
Login to Like
this post
Well, this is ONE way to find out who is still active around here!
LOL
Randy
1 Member
likes this post.
Login to Like.
Great one, Randy!
PW changed. Mine was unique to SOR.
I too have received spoof email from supposedly SOR members. Arrived in my Spam. Didn't open the attachment, deleted the message, and performed an in-depth scan. No infection was found.
Login to Like
this post
PW changed. Thanks for the update
Login to Like
this post
Changed. Thanks
Login to Like
this post
Hi Tim;
Changed my password too....
TuskenRaider
Login to Like
this post
I am getting e mails from auction houses i am not familiar with..we may have been spread around the philatelic community !
1 Member
likes this post.
Login to Like.
The last post was mine...i thought i was logged on..but i guess not !
Login to Like
this post
"Without giving away your family jewels, how do you manage your flock of passwords?"
Just one word - KeePass2
http://keepass.info
It's a 'geek tool' so there's a bit of a learning curve to get into it. But fortunately Youtube has got lots of videos that should get anybody started with it. Though it's officially Windows only, there is number of exensions/tools that integrate (make it work seamlessly) on ANY browser, device or operating system.
Once you get everything up and running, it works pretty much on the background (reminding when to renew passwords, fills usernames + passwords when required, creates new passwords when required etc). The only thing you'll really have to take care is have backups of your 'master password' file (which in itself can be crypted in number of ways) in case of computer crash etc.
-k-
Login to Like
this post
I got the rest of mine about 30 minutes ago. I wondered about that as well but it was mentioned that there is an automatic extension of a lot if there is a bid within a certain time of the lot ending. I was not aware of that feature.
Greg
Login to Like
this post
Brian and Greg,
With the bulk email that I sent out yesterday re the website getting hacked, there was a big backup of emails to send. Brian, you have all your emails now, right?
Regards ... Tim.
Login to Like
this post
Hi Brian,
I'm not sure what has happened to your auction emails. It all looks OK on the server. Could you please check your spam/junk folders in your email program?
Regards ... Tim.
Login to Like
this post
Thanks for the email and notification. PW changed!
Vince
Login to Like
this post
Hi all, I only just received the info this morning, Monday.
I could not log in(password invalid) so have created a new profile/username/password.
All my internet registrations/passwords are in software from coffeecup.com
Its called "Lockerbox" check it out, it works. Different passwords generated by the software. I have been using it for a long time. So in short, every internet account I use has a different password.
To get any of my info one would have to hack my personal computer and then hack lockerbox.
On forums I always use a postal address of a Jail/Goal, after all I would say any communication on Forums is by email.
1 Member
likes this post.
Login to Like.
Bicolor04,
Of course, creating a new username/profile will wipe out your history here (history of lots sold and won, invoicing, discussions you participated under your old name etc. etc. etc.). It will also duplicate our member count (?). Better really not to become a 'new' member, but to use the "change password" function for your old username, which is now located below the login box. Perhaps Tim should make the link a little more prominent to avoid that members believe they must create new profiles.
Arno
2 Members
like this post.
Login to Like.
I put a note on each of the Login screens to bring peoples attention to the Forgotten Password link.
Regards ... Tim.
1 Member
likes this post.
Login to Like.
I've been using LastPass for several years now. It's a great password generator and password vault program. You need to remember only one password - that's the one to access LastPass itself.
There is a free version available. I use the premium version ($12/year) so that I can access my passwords on my phone and tablet.
Please forgive me if it isn't appropriate to give publicity to other programs here.
Login to Like
this post
Hi David,
It is all good. LastPass sounds like a solution that would work for many of our members.
Regards ... Tim.
Login to Like
this post
...in the end, I changed it!!
Login to Like
this post
If you have trouble remembering passwords AND serial numbers AND other data numbers...........::
The password holder "Web Confidential" works very well for me also "PassDiary" for iPad and iPhone work in the same way................
Cheers
Steve.
Login to Like
this post
Hi Milko,
Don't I know you from somewhere else?
Steve.
Login to Like
this post
Hi, Thanks for the email. Pasword successfully changed. Please note that skymem does not want confidential data on their website and according to their faq you can delete documents from their site by clicking on the Remove Button above each document. Don't know if that's true. You cana lso remove data from google search results, etc.
http://www.skymem.com/faq
Login to Like
this post
Hi Jim,
You are quite correct. I did make use of their "Remove" function. They don't guarantee that the data will stay removed, so I'm keeping an eye on it every couple of days.
Regards ... Tim.
1 Member
likes this post.
Login to Like.
Not sure if related but note a debit of $24.10 on my Visa account dated today from a source I do not recognize.. It shows as pending so no use calling until Monday. I of course did not have this card # as part of my information on here but maybe someone used my password to access my account.
Login to Like
this post
Hi,
I had not reset the password earlier but it was working fine till today when I was unable to login to SOR.My password was saved so whenever I used to open SOR it always used to open the page with me logged in, but today it was not logging me in. I remembered my password but still it was not logging me in with my password. So, I had to reset the password and log in again.
Few questions to Admin:
1. Can anyone change my password without any email communication to the email address which is updated in SOR.
2. Assuming someone hacked the password of SOR and changed the email address from my profile, would not be an email communication sent to the earlier email ID which was there providing the info that your email address has been changed.
3. As I worked in the technical field earlier in server-networking,curious to know was there any technical gap which was opened when we were moved from the old to the new server of SOR.
4. We discussed about encryption, any update on it.
Thanks
Auro
Login to Like
this post
Hi Boseauro,
Here are the answers to your questions:
1. Only you can change your password either by using the Change Password function in the members area or by using the Forgot Password link on the Login page.
2. Had your email address been changed?
3. We don't know if any technical gap that was opened up by moving to the new server.
4. All passwords are encrypted.
Regards ... Tim.
Login to Like
this post
Hi Tim,
Thanks for your response.
Coming back to my first question:
When we change our password, is there any email communication sent? In this case I did not get any email when my password was changed,so I probably assuming my password was compromised.
After I reset my password it is working fine now.
Thanks
Auro
Login to Like
this post
Tim,
Please excuse me if these questions were already answered. I didn't see it if it was.
I just did a google search for my email address and I found where my email address, password and phone number were on the skymem website. Is there any way to get it off of there or is it just "tough luck"?
I saw the previous answer to this question, thanks.
Also, what else did they get? Do they have my name and address? I couldn't tell from what I saw.
What in the world is skymem.com anyway?
Thanks in advance,
-Ernie
Login to Like
this post
10:23:07am
My old one is still listed in Google search too. 
Login to Like
this post
Hi Ernie,
Skymem.com seems to be a website where hackers like to post their scalps (if you will excuse the term). If you are seeing a page on their website with your details, there should be a Remove button that you can use. I have done so and I thought that it had removed all of our information. I did a search using your email address and it seemed to be removed, but that could just have been the view that Google is giving me. Try clicking on the Remove button.
Regards ... Tim
Login to Like
this post
I think the data is still in the Google cache, but no longer on the Skymem site. I checked for my info, and that's what happened. Showed up in the Google search, but did not show up on the Skymem site.
Login to Like
this post
I am very disappointed by the lack of security on this site. This is not the first issue I have had with the site and must consider it the third strike.
I would hope that Tim would continue to check skymem.com to be sure our information is not re-posted. I am not sure we have heard the last of this yet.
How can I have my personal information removed from StampoRama? I no longer care to be a member of this site. Please advise me on how to proceed and how to document that my personal data is removed from this site.
Login to Like
this post
11:31:41am
Charlie,
There is no personal data on Stamporama that anyone with even a beginner's knowledge of the internet could not find out elsewhere. Anyone who believes that their private lives are safe from intrusion by a determined data miner is living in a fool's paradise. The internet is a dangerous place, but then so are the dark alleys of most of our cities. Good luck trying to find a safe haven on the WWW, you have a monumental task before you!
Login to Like
this post
" Anyone who believes that their private lives are safe from intrusion by a determined data miner is living in a fool's paradise."
How very true. Remember when many people put their social security numbers on their checks and the police recommended that you engrave your social security number on expensive items?
Now we are told to do whatever it takes to keep that number from anyone and to make sure you don't carry your social security card in your wallet. And yet the government uses your social security number for your Medicare number and you are supposed to carry that card with you. Add in that it appears on all of your medical records which cannot be referred to as "secure" by any stretch of the imagination.
Try tracking down an old classmate on the internet - you can usually find them easily. Even the difficult ones who have moved several times can generally be found in less than half an hour.
Login to Like
this post
@cfc1967,
I understand your frustration. We have done everything that we can to secure the website, but we are not hackers and don't have the same type of knowledge as the people who broke into the website. My focus has always been on building not breaking. I continue to look for possible break-ins on a regular basis and I scan the internet to try and find our private information out there. But don't just leave this to me. I strongly encourage you to to be scanning the internet for your personal information. Do regular Google scans for your email address. This was how Arno originally discovered that we had been hacked.
Regards ... Tim.
2 Members
like this post.
Login to Like.
The SOR is highly unstable today. I am unable to post elsewhere, and only after 1/2 hour of tries can I hope to issue this warning. Highly unstable. Login, edit, posts etc all seem to have issues.
Started at 10:30 am more or less CA time.
Rrr. Posting now in desperation before loosing the connection.
Login to Like
this post
Hi Everyone,
We discovered over night that the Stamporama website has been hacked and data from the membership database has been taken. All of our emails, password and phone numbers were posted on a website called skymem.com on Sept 21. Arno found this after investigating Alyn's post re his password having been changed by someone. I have requested that the information be taken down from the skymem.com website, but it could well be posted there again. We have no knowledge about the stolen information being used apart from the fact that it was posted on the skymem site.
I believe that I have found where they got in and have closed the security hole. I apologize sincerely that the security hole existed and that I hadn't caught it before.
It is very important that you go onto the Members Area and change your password. Even more important than that, if you use the same password that you use on Stamporama on other websites, especially if you use the same email address on those other websites, you should go and change your password on those websites. This is especially important if you use your stamporama password for any banking websites etc.
To change your password on Stamporama, login and go to the Members Area and use the "Change Password" function, which is right underneath the Edit Profile function. Please let me know if you need help.
I have sent this message out to all active members, except those who have unsubscribed from the bulk emails.
Regards ... Tim.
4 Members
like this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thank you, Tim -
I'm sure I speak for others in saying we appreciate your prompt response in this.
...password changed!
Randy
3 Members
like this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Makes you wonder what these idiots get out of doing stuff like that. They ought to get a job!
Anyway, my p/w now changed. Thanks for the update.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
pw changed --thanks, Tim.
I am concerned that members who do not read the DB will not know of this. Is there any way to do a mass email?
BOB
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Bob,
There is an email going out to all active members right now (except to the members who have unsubscribed to the bulk emails). I have also posted the message on the SOR Facebook page.
Tim
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
If there had been any widespread abuse, I believe we would have become aware of this issue much earlier. Great. Tim, that you have figured out and fixed the vulnerability.
What are you going to do about such lowlifes? We could consider requiring mandatory password changes every couple of months, but that is probably not very popular with most users. So, I believe that falls into the realm of the internet being a scary place and to always be guarded, i.e., to use different passwords for different places and to change them once in a while. Of course, me too is guilty of not doing so at all times.
Login to Like
this post
10:19:35am
re: The Stamporama website has been hacked. PLEASE READ NOW.
Maybe we need to consider to encrypt password.
Nobody should be able to decrypt it, even users can only reset, not recover.
Sam
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Sam,
You and I had the same thought. I'm looking into encrypting the passwords now.
Regards ... Tim.
Login to Like
this post
11:05:49am
re: The Stamporama website has been hacked. PLEASE READ NOW.
"Makes you wonder what these idiots get out of doing stuff like that."
If anything, practice for the big money hack jobs later. Scumbags, nonetheless.
This a good reason to update passwords on a regular basis and to use different ones on different sites.
Peter
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
PW changed! Thanks for the warning!
biggeorge
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
For all those sites that want a password but cannot hurt me - for example, a newspaper that requires a log-in but does not have my credit card - I use a single password.
At last count, there were dozens & dozens of such sites using that non-critical, non-financial, pretty-much-zero-impact password.
The very idea of making-up 50-100 different, secure passwords - for each credit card, retailer, etc - and changing them strikes me as ridiculous.
I've tried password-generating software but, frankly, did not like the results, as I have to save the whole password in a convenient electronic place, and having a document on my desktop with a long list of URLs and passwords does not appeal to me.
Without giving away your family jewels, how do you manage your flock of passwords?
Cheers,
/s/ ikeyPikey
1 Member
likes this post.
Login to Like.
11:25:00am
re: The Stamporama website has been hacked. PLEASE READ NOW.
Changed mine!
Thanks for the warning!
Login to Like
this post
11:36:35am
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks for keeping us all on our toes, Tim. Password(s) changed. We get too lax with changing them periodically.
Login to Like
this post
11:54:00am
re: The Stamporama website has been hacked. PLEASE READ NOW.
"The very idea of making-up 50-100 different, secure passwords - for each credit card, retailer, etc - and changing them strikes me as ridiculous.
"
Famous last words.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Back from current trip....Thanks have changed PW
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Changed mine, thanks for the warning Tim.
If anyone is using Firefox, all your saved passwords are available to see. Go to Options in the menu (3 bars) icon, top right of screen. Click on security, passwords and view passwords.
Personally I keep mine in a book that is then hidden within other papers but mostly memory works well after a few entries.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Password changed - thanks for the info.
James
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks Tim............I'm changed
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Changed mine, too!
Login to Like
this post
12:32:58pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
Done!
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thank you for Tim
all changed now!!!
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Done thanks !
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Changed. Thanks for the email!
Mark
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Passord changed... thank-you for your diligence!
David
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks to SOR adminstrators for being open about this and addressing this so quickly!
I will add the following. I noticed an uptick in the number of spoofed emails from SoR members over the past 2 weeks. Oftentimes, the mailbox is actually correct but the domain name is different. The spoofing appears pretty convincing, otherwise, because they are using our full names rather than our username handles. I was concerned about this enough to contact at least one SoR member about this.
I think now I know why the uptick in the spoofed emails.
So please be advised to be extra careful to check the domain name in any emails you think you are receiving from SoR members. I'm not saying toss any emails from SOR members, but that you should check to make sure the domain name is the same as in the emails you received from them in the past.
Login to Like
this post
02:01:32pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
Changed - thank you !!
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Like khj, I've also gotten e-mails that seemed to come from SOR members; however, unlike real messages these latest e-mails have been routed to my spam box rather than my inbox. I'm not sure how the Yahoo spam filters detect the difference, but I've made a note not to open any items in the spam box. The two I did open didn't appear to have any clickable links, but had nothing to do with stamps. I've also changed my password.
Login to Like
this post
02:26:13pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks, Tim for catching this quickly and closing the entry hole the hackers accessed. Keep up the good work.
Got my p/w changed.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks, changed this one and 3 others that were minor.
1 Member
likes this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Just changed mine. Thanks Tim.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Password changed....
Anyway, as online security is part of my profession, I've got two (ok, three) suggestions
1) instead of asking users to change password, the system/admins should automatically update everybody's password in situations like this. Then ask users to simply reset their password (using email based opt-in/confirmation system). That way any further damages are immediately prevented instead of relying whether or not all users read the notification.
2) Hashing passwords in database is MUST DO action. Storing passwords as plain text (or with simple encryption) has been big no-no for the past decade. (Again, if it requires resetting everybody's passwords, so be it. )
3) In addition of member details, I'm bit worried if also private messages have been affected/leaked as well? Personally I would never share any sensitive information (such as credit card details) using anything as insecure as email or members messages, but I do know for a fact that some collectors do so.... If the messages have leaked as well, then it might be a good idea to ask users to kill their credit cards if they have shared their credit card details using private/members messages.
Just my 5 cents worth,
-k-
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Scb,
Thanks for your suggestions. It is much appreciated especially as you are an IT professional. Below are some comment/explanations re your comments.
1. As we stand today I don't have a way for a member to change their password unless they are logged in. If I globally changed everyone's password, which would have addressed the initial security breach, no-one would have been able to login. It was quickest to ask everyone to help get them changed.
2. I'm working today on implementing password encryption across all membership records so that even if someone manages to hack-in again, they will not be able to read the passwords.
3. I don't think that they got to the private messages, but I can't be sure. We should all keep a close eye out for anything strange.
Thanks again for you your comments.
Regards ... Tim.
1 Member
likes this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks for the information. My password is changed.
Appreciate all the hard work that has to be done.
Suzanne
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Password changed, but I wonder if other sections on the system have been affected.
Tony
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
"... Famous last words ..."
So, yes, you have 50-100 different secure passwords, and change them 2x/year?
Login to Like
this post
Approvals
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks Tim. PW changed
Greg
Login to Like
this post
Approvals
re: The Stamporama website has been hacked. PLEASE READ NOW.
Changed - and I changed my password on all of my other selling sites that use the same email. At least my PAYPAL account I had already set up with a different password because I have been hit there a few times.That is the one that could cause the most issues - if they could get into there with the password from here.
1 Member
likes this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Tim,
Thanks for the warning - password changed
Merv
Login to Like
this post
Approvals
re: The Stamporama website has been hacked. PLEASE READ NOW.
Changed my PW too
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Done. Thanks for spotting the problem so soon, and hopefully no harm done to any members.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks for the quick heads up on this Tim! PW changed.
Was our street addresses post on the site too? Stamporama is the only stamp forum I belong too that requires a street address for membership.
1 Member
likes this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Brian,
No the street addresses were not posted on the hacker site.
Regards ... Tim
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Tim,
Thanks for securing the site and plugging the leak. I am just wondering what exactly showed up on the hacker site?
All the best,
Alyn
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Ikey-Pikey said;
"Without giving away your family jewels, how do you manage your flock of passwords?"
I have an old address book that I have written all my passwords in to all my sites used.
This is done for 2 reasons -
1) so I don't have to REMEMBER them all!
and
2) in case anything happens to me
, my wife can access all my stuff with no problem - after all, when I'm gone, it's all hers!Randy
1 Member
likes this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks Tim. Job well done!
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Well, this is ONE way to find out who is still active around here!
LOL
Randy
1 Member
likes this post.
Login to Like.
08:59:23pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
Great one, Randy!
PW changed. Mine was unique to SOR.
I too have received spoof email from supposedly SOR members. Arrived in my Spam. Didn't open the attachment, deleted the message, and performed an in-depth scan. No infection was found.
Login to Like
this post
09:08:56pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
PW changed. Thanks for the update
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Changed. Thanks
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Tim;
Changed my password too....
TuskenRaider
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
I am getting e mails from auction houses i am not familiar with..we may have been spread around the philatelic community !
1 Member
likes this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
The last post was mine...i thought i was logged on..but i guess not !
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
"Without giving away your family jewels, how do you manage your flock of passwords?"
Just one word - KeePass2
http://keepass.info
It's a 'geek tool' so there's a bit of a learning curve to get into it. But fortunately Youtube has got lots of videos that should get anybody started with it. Though it's officially Windows only, there is number of exensions/tools that integrate (make it work seamlessly) on ANY browser, device or operating system.
Once you get everything up and running, it works pretty much on the background (reminding when to renew passwords, fills usernames + passwords when required, creates new passwords when required etc). The only thing you'll really have to take care is have backups of your 'master password' file (which in itself can be crypted in number of ways) in case of computer crash etc.
-k-
Login to Like
this post
Approvals
re: The Stamporama website has been hacked. PLEASE READ NOW.
I got the rest of mine about 30 minutes ago. I wondered about that as well but it was mentioned that there is an automatic extension of a lot if there is a bid within a certain time of the lot ending. I was not aware of that feature.
Greg
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Brian and Greg,
With the bulk email that I sent out yesterday re the website getting hacked, there was a big backup of emails to send. Brian, you have all your emails now, right?
Regards ... Tim.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Brian,
I'm not sure what has happened to your auction emails. It all looks OK on the server. Could you please check your spam/junk folders in your email program?
Regards ... Tim.
Login to Like
this post
02:06:25pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
Thanks for the email and notification. PW changed!
Vince
Login to Like
this post
03:45:23pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi all, I only just received the info this morning, Monday.
I could not log in(password invalid) so have created a new profile/username/password.
All my internet registrations/passwords are in software from coffeecup.com
Its called "Lockerbox" check it out, it works. Different passwords generated by the software. I have been using it for a long time. So in short, every internet account I use has a different password.
To get any of my info one would have to hack my personal computer and then hack lockerbox.
On forums I always use a postal address of a Jail/Goal, after all I would say any communication on Forums is by email.
1 Member
likes this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Bicolor04,
Of course, creating a new username/profile will wipe out your history here (history of lots sold and won, invoicing, discussions you participated under your old name etc. etc. etc.). It will also duplicate our member count (?). Better really not to become a 'new' member, but to use the "change password" function for your old username, which is now located below the login box. Perhaps Tim should make the link a little more prominent to avoid that members believe they must create new profiles.
Arno
2 Members
like this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
I put a note on each of the Login screens to bring peoples attention to the Forgotten Password link.
Regards ... Tim.
1 Member
likes this post.
Login to Like.
07:48:33pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
I've been using LastPass for several years now. It's a great password generator and password vault program. You need to remember only one password - that's the one to access LastPass itself.
There is a free version available. I use the premium version ($12/year) so that I can access my passwords on my phone and tablet.
Please forgive me if it isn't appropriate to give publicity to other programs here.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi David,
It is all good. LastPass sounds like a solution that would work for many of our members.
Regards ... Tim.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
...in the end, I changed it!!
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
If you have trouble remembering passwords AND serial numbers AND other data numbers...........::
The password holder "Web Confidential" works very well for me also "PassDiary" for iPad and iPhone work in the same way................
Cheers
Steve.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Milko,
Don't I know you from somewhere else?
Steve.
Login to Like
this post
07:13:34am
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi, Thanks for the email. Pasword successfully changed. Please note that skymem does not want confidential data on their website and according to their faq you can delete documents from their site by clicking on the Remove Button above each document. Don't know if that's true. You cana lso remove data from google search results, etc.
http://www.skymem.com/faq
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Jim,
You are quite correct. I did make use of their "Remove" function. They don't guarantee that the data will stay removed, so I'm keeping an eye on it every couple of days.
Regards ... Tim.
1 Member
likes this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
Not sure if related but note a debit of $24.10 on my Visa account dated today from a source I do not recognize.. It shows as pending so no use calling until Monday. I of course did not have this card # as part of my information on here but maybe someone used my password to access my account.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi,
I had not reset the password earlier but it was working fine till today when I was unable to login to SOR.My password was saved so whenever I used to open SOR it always used to open the page with me logged in, but today it was not logging me in. I remembered my password but still it was not logging me in with my password. So, I had to reset the password and log in again.
Few questions to Admin:
1. Can anyone change my password without any email communication to the email address which is updated in SOR.
2. Assuming someone hacked the password of SOR and changed the email address from my profile, would not be an email communication sent to the earlier email ID which was there providing the info that your email address has been changed.
3. As I worked in the technical field earlier in server-networking,curious to know was there any technical gap which was opened when we were moved from the old to the new server of SOR.
4. We discussed about encryption, any update on it.
Thanks
Auro
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Boseauro,
Here are the answers to your questions:
1. Only you can change your password either by using the Change Password function in the members area or by using the Forgot Password link on the Login page.
2. Had your email address been changed?
3. We don't know if any technical gap that was opened up by moving to the new server.
4. All passwords are encrypted.
Regards ... Tim.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Tim,
Thanks for your response.
Coming back to my first question:
When we change our password, is there any email communication sent? In this case I did not get any email when my password was changed,so I probably assuming my password was compromised.
After I reset my password it is working fine now.
Thanks
Auro
Login to Like
this post
09:21:00am
re: The Stamporama website has been hacked. PLEASE READ NOW.
Tim,
Please excuse me if these questions were already answered. I didn't see it if it was.
I just did a google search for my email address and I found where my email address, password and phone number were on the skymem website. Is there any way to get it off of there or is it just "tough luck"?
I saw the previous answer to this question, thanks.
Also, what else did they get? Do they have my name and address? I couldn't tell from what I saw.
What in the world is skymem.com anyway?
Thanks in advance,
-Ernie
Login to Like
this post
A Service Dog gives a person with a disability independence. Never approach, distract or pet a working dog, especially when (s)he is in harness. Never be afraid to ask questions to the handler (parent).
23 Oct 2015
10:23:07am
re: The Stamporama website has been hacked. PLEASE READ NOW.
My old one is still listed in Google search too.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
Hi Ernie,
Skymem.com seems to be a website where hackers like to post their scalps (if you will excuse the term). If you are seeing a page on their website with your details, there should be a Remove button that you can use. I have done so and I thought that it had removed all of our information. I did a search using your email address and it seemed to be removed, but that could just have been the view that Google is giving me. Try clicking on the Remove button.
Regards ... Tim
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
I think the data is still in the Google cache, but no longer on the Skymem site. I checked for my info, and that's what happened. Showed up in the Google search, but did not show up on the Skymem site.
Login to Like
this post
08:53:10am
re: The Stamporama website has been hacked. PLEASE READ NOW.
I am very disappointed by the lack of security on this site. This is not the first issue I have had with the site and must consider it the third strike.
I would hope that Tim would continue to check skymem.com to be sure our information is not re-posted. I am not sure we have heard the last of this yet.
How can I have my personal information removed from StampoRama? I no longer care to be a member of this site. Please advise me on how to proceed and how to document that my personal data is removed from this site.
Login to Like
this post
They who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -Benjamin Franklin
01 Nov 2015
11:31:41am
re: The Stamporama website has been hacked. PLEASE READ NOW.
Charlie,
There is no personal data on Stamporama that anyone with even a beginner's knowledge of the internet could not find out elsewhere. Anyone who believes that their private lives are safe from intrusion by a determined data miner is living in a fool's paradise. The internet is a dangerous place, but then so are the dark alleys of most of our cities. Good luck trying to find a safe haven on the WWW, you have a monumental task before you!
Login to Like
this post
02:01:18pm
re: The Stamporama website has been hacked. PLEASE READ NOW.
" Anyone who believes that their private lives are safe from intrusion by a determined data miner is living in a fool's paradise."
How very true. Remember when many people put their social security numbers on their checks and the police recommended that you engrave your social security number on expensive items?
Now we are told to do whatever it takes to keep that number from anyone and to make sure you don't carry your social security card in your wallet. And yet the government uses your social security number for your Medicare number and you are supposed to carry that card with you. Add in that it appears on all of your medical records which cannot be referred to as "secure" by any stretch of the imagination.
Try tracking down an old classmate on the internet - you can usually find them easily. Even the difficult ones who have moved several times can generally be found in less than half an hour.
Login to Like
this post
re: The Stamporama website has been hacked. PLEASE READ NOW.
@cfc1967,
I understand your frustration. We have done everything that we can to secure the website, but we are not hackers and don't have the same type of knowledge as the people who broke into the website. My focus has always been on building not breaking. I continue to look for possible break-ins on a regular basis and I scan the internet to try and find our private information out there. But don't just leave this to me. I strongly encourage you to to be scanning the internet for your personal information. Do regular Google scans for your email address. This was how Arno originally discovered that we had been hacked.
Regards ... Tim.
2 Members
like this post.
Login to Like.
re: The Stamporama website has been hacked. PLEASE READ NOW.
The SOR is highly unstable today. I am unable to post elsewhere, and only after 1/2 hour of tries can I hope to issue this warning. Highly unstable. Login, edit, posts etc all seem to have issues.
Started at 10:30 am more or less CA time.
Rrr. Posting now in desperation before loosing the connection.
Login to Like
this post