Fun Publications Update 3/27/12

Discussion in 'Transformers News and Rumors' started by Megabattimus, Mar 27, 2012.

Thread Status:
Not open for further replies.
  1. Megabattimus

    Megabattimus Same As It Ever Was

    Joined:
    May 30, 2011
    Posts:
    4,751
    News Credits:
    1
    Trophy Points:
    197
    Location:
    Victoria, Australia
    Likes:
    +53
    Just got an email from Funpub that has more info on how people hacked their database and what they're planning do to fix it:

     
    • News Credit News Credit x 1
  2. skiss

    skiss Crash and Burn

    Joined:
    Dec 12, 2006
    Posts:
    2,631
    News Credits:
    2
    Trophy Points:
    151
    Likes:
    +2
    Ebay:
    Good to know info. I actually held off on relacing my CC because of my morbid curiosity and sure enough false charges showed up yesterday. They really can just hit you whenever. Thankfully I was prepared and everything is taken care of.
     
  3. Transquito

    Transquito Reach For The Light

    Joined:
    Dec 23, 2007
    Posts:
    2,549
    Trophy Points:
    181
    Likes:
    +5
    "We apologize for the inconvenience..."

    About time.
     
  4. Shark Jumper

    Shark Jumper さあ、お前の罪を数えろ

    Joined:
    May 25, 2008
    Posts:
    6,188
    News Credits:
    11
    Trophy Points:
    202
    Likes:
    +46
    Ebay:
    They stole $1000 from me and spent it on a gas bill...
     
  5. barrelks

    barrelks Captain Funtastic

    Joined:
    Apr 20, 2008
    Posts:
    9,285
    News Credits:
    3
    Trophy Points:
    227
    Likes:
    +142
    The updates may not be fast and furious enough for some people's taste, but I am glad that they are atleast somewhat keeping us in the loop as to what they are doing and what they are learning. Thanks for the update.
     
  6. LamboTwinLove

    LamboTwinLove Lambo Assassin

    Joined:
    Feb 9, 2012
    Posts:
    2,124
    Trophy Points:
    166
    Likes:
    +0
    Well, good to know something has been figured out with all this.
     
  7. GAUGE

    GAUGE Transformers Fan since 1985

    Joined:
    Jun 21, 2006
    Posts:
    11,462
    News Credits:
    4
    Trophy Points:
    312
    Location:
    Phx, AZ
    Likes:
    +1,510
    Ebay:
    Facebook:
    Twitter:
    Google+:
    Instagram:
    I could care less about your excuses about the same things over and over funpub. :deadhorse:  :horse: 

    Send me my club freebee already :Gouki: 

    (been waiting for almost 8 weeks now)
     
  8. Composite Ghost

    Composite Ghost Motorized Transformer

    Joined:
    Oct 14, 2011
    Posts:
    2,704
    News Credits:
    2
    Trophy Points:
    172
    Likes:
    +13
    Hundreds of stores nobody's ever heard of.
     
  9. seeker311

    seeker311 The Collector

    Joined:
    May 14, 2007
    Posts:
    9,213
    News Credits:
    27
    Trophy Points:
    232
    Likes:
    +39
    This bother anyone else?
     
  10. The 12th Prime

    The 12th Prime A Seth Buzzard Fan

    Joined:
    Mar 6, 2011
    Posts:
    255
    Trophy Points:
    76
    Likes:
    +0
    Ebay:
    Check your eBay accounts and paypal accounts as well, a couple of weeks ago my eBay account was compromised but I was able to recover it before any damage was done. I've changed all my passwords on my websites that I use. I even noticed when I went into my eBay account afterword that an address in Indonesia had been added (for any investigators or authorities that may want to know who may read this thread).
     
  11. LamboTwinLove

    LamboTwinLove Lambo Assassin

    Joined:
    Feb 9, 2012
    Posts:
    2,124
    Trophy Points:
    166
    Likes:
    +0
    It has been bothering me for awhile that people aren't protecting themselves when the info has been available here and they have have numerous e-mails.

    However, I can't blame anyone who may no longer be part of the club or even a parent who just signed their kids up. My dad put my sis and I in the Power Rangers fan club when we were kids and I'm sure he himself didn't keep up with anything other then his card statements.
     
  12. skiss

    skiss Crash and Burn

    Joined:
    Dec 12, 2006
    Posts:
    2,631
    News Credits:
    2
    Trophy Points:
    151
    Likes:
    +2
    Ebay:
    The only reason FP got any money from me was simply because of the runatwins. I'm not holding anything against them in the future, just my money.
     
  13. Grandum

    Grandum Well-Known Member

    Joined:
    Feb 2, 2011
    Posts:
    2,153
    News Credits:
    1
    Trophy Points:
    167
    Likes:
    +2
    yeah, I call bullshit on this one though - sql injection to steal data? I'm not convinced - I can buy that they could manipulate data...if they actually knew what the tables were called, but see it? naaaah
     
  14. Dragonclaw

    Dragonclaw Comic Ink - Dublin, CA

    Joined:
    Aug 5, 2003
    Posts:
    6,611
    News Credits:
    6
    Trophy Points:
    262
    Likes:
    +229
    Fortunately I always use 1 e-mail for forum and club registrations and a totally different one for buying. It makes it MUCH easier to see when I get an e-mail that there is an issue with Paypal or Ebay on accounts that aren't TIED to Paypal or Ebay :) 
     
  15. General Tekno

    General Tekno Self-Styled #1 Lugnut Fan

    Joined:
    Jun 26, 2006
    Posts:
    10,185
    News Credits:
    227
    Trophy Points:
    342
    Location:
    The Teknodrome
    Likes:
    +462
    Couldn't they just use a SQL function to list out the tables?
     
  16. LamboTwinLove

    LamboTwinLove Lambo Assassin

    Joined:
    Feb 9, 2012
    Posts:
    2,124
    Trophy Points:
    166
    Likes:
    +0
    Yeah, same here. I only renew my membership when I really like the figures. So now I play the waiting game and see what the club does this year before deciding if I will deal with them again.

    See... I have no idea about these things...
     
  17. chrisr291

    chrisr291 Master of the Unknown

    Joined:
    Jun 3, 2009
    Posts:
    12,531
    News Credits:
    5
    Trophy Points:
    257
    Likes:
    +124
    Ebay:
    I just got nailed for 800 bucks this weekend. :banghead: 
     
  18. JudgmentMcGodly

    JudgmentMcGodly New Member

    Joined:
    Feb 7, 2012
    Posts:
    2
    Trophy Points:
    31
    Likes:
    +0
    Yep, exactly that. Falling prey to SQL injection means your software is complete crap. It means all you data is just sitting there waiting to be stolen, just like SONY's hubbub not too long ago. Any piece of information saved in the db is likely stolen.

    This means that their old site had passwords and CC info stored in either plaintext or easily decoded hash/encryption. Now maybe they were using some coldfusion plugin that was complete crap, but the point is that the site was heavily out-dated, insecure, and not well-monitored for access attempts.
     
  19. matrixprime

    matrixprime AJ's Toy Chest Owner

    Joined:
    Aug 24, 2005
    Posts:
    1,656
    News Credits:
    2
    Trophy Points:
    187
    Likes:
    +37
    Ebay:
    You couldn't pay me to do business with this company again.
     
  20. Scantron

    Scantron Well-Known Member

    Joined:
    Oct 3, 2004
    Posts:
    8,249
    News Credits:
    3
    Trophy Points:
    211
    Likes:
    +6
    Well, thankfully the amount of fraud is just a "small minority of overall orders" or whatever though, right FailPub?

    Anyway, sarcasm aside, I am glad they sent out an e-mail providing some results of the investigation and explained things a little bit, even if I didn't get some of the technical details. After some time, FunPub is doing a little better in their response to this, but they've got a long way to go to fix things up for the future and the new store (as well as their continued refusal to take PayPal) isn't filling me with confidence yet. Still extremely reluctant to ever do business with them again after the mess they made of their initial response, though.
     
Thread Status:
Not open for further replies.

Share This Page