Online Modelling Store hacked - CC details taken

Discussion in 'Modeling' started by ozhawk40, Oct 26, 2010.

  1. ozhawk40

    ozhawk40 Active Member

  2. lesofprimus

    lesofprimus Active Member

    Damn, Hannants is screwed....
     
  3. Wayne Little

    Wayne Little Well-Known Member

    Haven't used them.....so I will breathe a sigh of relief for now...
     
  4. Lucky13

    Lucky13 Forum Mascot

    #4 Lucky13, Oct 26, 2010
    Last edited: Oct 26, 2010
    Haven't used them for a while....will have a look though! Thanks for the heads-up mate!


    Edit: Their website is down for maintenance now....
     
  5. Vic Balshaw

    Vic Balshaw Well-Known Member

    Coincidence or not, Hannants web site is currently down for maintenance..................and aren't I the lucky one as my card was compromised some months ago and I haven't updated my details as yet.
     
  6. vikingBerserker

    vikingBerserker Well-Known Member

    Thanks for the heads up. On the bright side, it gives me an excuse.

    "Why no honey, I did not spend $500 at Hannants, their site was hacked! See this post?????" :lol:
     
  7. Lucky13

    Lucky13 Forum Mascot

    Will cost you a Revell 1/32 He 111 to keep me quiet Sir....
     
  8. Airframes

    Airframes Benevolens Magister

    Hannant's have sent an e-mail to all on their mailing list, warning of this problem. (Just got it half an hour ago).
    They have three Internet security companies looking into this, which has been happening over the last two weeks, but with some evidence of it happening in September. That's when my card was compromised - so probably happened there !
    They have closed the web-site temporarily as a precaution, and are asking for anyone who has experienced this problem, via their web-site and ordering system, to inform them with as many details as possible. Apparently, it can be a small 'test' taking of funds, followed by one or more further fraudulent 'transactions', and the sources are in more than one country (my 'robber' was in China).
    As a further precaution, Hannant's have deleted all stored data regarding customers' details, card numbers etc, so, if you want to order when they are back up and running, you will need to re-register your details etc.
    Let's hope they get this sorted asap, for their sake as much as ours !
    B*gg*r, I was about to order some stuff from them too !
     
  9. A4K

    A4K Well-Known Member

    Cheers for the heads-up mate! Like Jan, haven't used them for a while, but will check the account just in case...
     
  10. JohnAnthony

    JohnAnthony Member

    Yup, here's the email...

    Dear Customer

    We are very sorry to have to tell you that a number of customers who have used our website have had their card details stolen and used by criminals.

    ALL CUSTOMERS THAT HAVE ENTERED CARD NUMBERS ON OUR NEW WEBSITE PLEASE CHECK YOUR ACCOUNTS FOR SUSPICIOUS CHARGES OR ATTEMPTED CHARGES.
    If you see any please contact your company that issued your card.

    At the moment no one is sure how this has happened. There are several internet security firms investigating everything and we will keep you all updated as soon as we can.

    There is no sign of any intrusion into the server where the card number and expiry date information that we keep is encrypted*. The CVV number is not stored.

    After looking at the information we have received we think this mainly affects some customers who have sent us an order in the last 2 weeks though there are 3 from September.

    We have been contacted by about 40 customers so far but are not sure how many others have had their cards compromised but have not told us yet. If you know your card has been compromised PLEASE tell us. Please send us as much information as you can as soon as you can. We need as much information as soon as possible.



    Please look out for small 'insignificant' test charges of under $5.00 followed by larger charges of varying amounts. Charges have originated from different countries and in different currencies.


    Until we have found out what has caused this problem and it has been fixed we have closed the website. None of the experts can find any problems with it but until the problem is resolved we prefer not to take any risks.

    We have deleted ALL card numbers from the website database. We are aware that a few of you wanted access so you could delete your details but we have done this for everyone.

    Paypal. We have been asked why we do not accept it. There are 2 reasons. Firstly when we started work on the new website 4 (four) years ago we could not get it to work with the fully stock controlled warehouse that we wanted to run. We did some trials but it took too long for payments to arrive in our bank account which would seriously have delayed the despatch of orders. Things have now improved. Secondly it was too expensive. 3 times the cost of handling Visa and Mastercard. All our payments are now handled by Sage pay, a large British firm. Recently they have started working with Paypal and our website designers had been doing some work to incorporate it into the website. We are going to speed up the work on this and try to get it incorporated quicker.

    We will re-open the website as soon as we can but will not be rushing into it.

    Thank you for your help and understanding.

    ALL CUSTOMERS THAT HAVE ENTERED CARD NUMBERS ON OUR NEW WEBSITE PLEASE CHECK YOUR ACCOUNTS FOR SUSPICIOUS CHARGES OR ATTEMPTED CHARGES.
    If you see any please contact your company that issued your card.
     
  11. vikingBerserker

    vikingBerserker Well-Known Member

    Damned viking thief...... I respect that! :thumbleft:
     
  12. Capt. Vick

    Capt. Vick Well-Known Member

    I was a victim. Yesterday someone tried to use my card to buy stuff from an on-line software company and also had a go at buying tickets from Cathay Pacific...twice! Thankfully they couldn't enter the correct CVC so the charges were denied. Unfortunately the account is now closed and I have to wait 7 to 10 for a new one. Oh well it could have been worse... :(
     
  13. Airframes

    Airframes Benevolens Magister

    A further e-mail has been sent by Hannant's. The web-site is now partly open, and orders can be placed by telephone/fax. They don't suggest e-mailing card details, and are still looking into the problem. So far, nothing can be found to identify how/where etc this has happened, and the problem is being treated as serious, being investigated at a high level.
    With such a long-standing, trusted company, this would appear to be something beyond their control, and that of the security measures in force, and there are hints (here and elsewhere) that this could be a new, previously unknown, form of 'hacking'.
    Coincidentally, at the time I experienced my problem (early September), a 'gang' had just been caught and prosecuted, in the UK, for a similar criminal operation, on a huge scale, involving debit/credit card identity theft. This group, mainly with east European origins, had been operating globally, to the tune of many millions of pounds/dollars worth of fraud.
     
  14. rochie

    rochie Well-Known Member

    Got this from Hannants early this morning

    Dear Customer,

    Two of the investigations into our problem have come back but failed to find anything significant.

    We have analysed a lot (but not all yet) of the information our customers have sent us. We can confidently say that no information was captured as orders were transmitted. This means that we should be able to re-open the website quite quickly.

    However it does mean that we still do not know how the data was accessed and so have to recommend that anyone who registered their card details on the NEW website CANCEL the card with their bank. We realise this is annoying, irritating, time consuming and inconvenient but we think it is the safest thing to do under these circumstances.


    PLEASE CANCEL ANY CREDIT OR DEBIT CARD THAT WAS REGISTERED ON OUR NEW WEBSITE. (registered on or after March 23rd 2010)


    We will re-open as soon as possible with a new system that does not remember the card details. This will be annoying for our customers who order regularly and will not want to enter their card details each time but we think it is the best way to go at the moment.

    This will mean that we will not be able to automatically send any back orders. We will NOT be cancelling any back orders and will send you all revised Back Order details as soon as we have decided on the best way to handle them. For the moment you can add any available items to your cart and then phone or fax your card details through. Then we can download the order from your cart and attach the card details. We will charge and despatch as soon as we can.


    TELFORD SHOW ORDERS. To send us an order for collection at the show please add a Collect from show address with your name on as usual. Add what you want to buy to your cart as before BUT then email us to say it is there in your cart. We will then download it and have it ready for collection and payment at the show. You do not pay until you collect so we do not need any payment now. The country in the delivery address should be Collect from show NOT United Kingdom or any other country.

    MAILORDERS. WE CAN NOW ACCEPT ORDERS THIS WAY. BUT ONLY THIS WAY PLEASE. Please put your order in the cart as normal then TELEPHONE or FAX us with your card details. We will then download your order and attach the card details to the order. We will then be able to process your order. Our email is not secure so we cannot recommend you send your card details that way though we know a lot of you will.

    PLEASE DO NOT PHONE OR FAX OR POST YOUR ORDERS TO US AT THE MOMENT. WE ARE GRATEFUL FOR YOUR ORDERS BUT CANNOT LOAD THEM TO THE WEBSITE AS QUICKLY AS YOU CAN.

    We are sending this email via 2 methods so as to try and get it delivered. We apologise if you receive it twice.

    We are still receiving immense amounts of support and help and we thank you all for it.

    Best regards

    Hannants.
    If you want to use the Hot News as an HTML for your own website you can convert it by using this link http://website101.com/cgi-bin/t2h/Mt2h.cgi
     
  15. tail end charlie

    Imagine the fun I had working in China
     
  16. BombTaxi

    BombTaxi Active Member

    Crap. I checked my statement about 15.00, saw nothing untoward, then ordered from them :cry:
     
  17. Airframes

    Airframes Benevolens Magister

    Although Hannant's state the web-site is partly open, I'm still getting the 'Temporarily Closed' message - no web-site access. B*gg*r, I wanted to check on some things too !
     
  18. BombTaxi

    BombTaxi Active Member

    It accepted and charged my order :confused: That was about 1500-ish
     
  19. Airframes

    Airframes Benevolens Magister

    Hmm. I can't even get access. I'll try re-entering the address, rather than using the 'Bookmark' one.
     
  20. Lucky13

    Lucky13 Forum Mascot

    The latest email that I received a few minutes ago.....

    Following our recent credit card security issues, we can confidently say that NO information was captured as orders were transmitted. This means that orders can safely be placed at our website.

    We have now RE-OPENED this website but modified the way we work. You cannot save any card details now. When you go to check out you will be asked to enter your card details. As soon as you have sent the order the card details are deleted.

    Because we no longer have any card details we will not be able to automatically send any Back Orders. We HAVE NOT cancelled any Back Orders and hope to have a modified system available soon. Sagepay have recently developed a new system which is exactly what we were looking for when the new site was being created. For now please add Back Order items to your cart and send the order when you are ready. When you are logged in you can use the Watching facility to be told by email when a kit you are interested in is available.

    TELFORD SHOW ORDERS. To send us an order for collection at the show please add a Collect from show address with your name on as shown in Your Account> Change Your Delivery Address Details> Add An Address. Then make this your default address. Next add the items you want to buy to your cart and then go to checkout. You will need to enter your card number to make the system accept your order but it will not be charged. It will be deleted after the order has been sent.

    Continuing investigations have ruled out a compromised PC accessing the administration to harvest the card data. The server logs have failed to find any SQL injections. The investigations will continue.
    If you want to use the Hot News as an HTML for your own website you can convert it by using this link http://website101.com/cgi-bin/t2h/Mt2h.cgi
     