It was an $893 charge by "Instant Travel-Cyrus". The charge was DECLINED, the card blocked, and then cancelled all within minutes, thank goodness.

I purposely got a new credit card with a low limit JUST for all my 3D store purchases....I had used it at the DMV (100% sure it was not them, as it was used there last in early December, and for you non-USA folks that is our "Department of Motor Vehicles and REALLY secure!) It's the only "non 3D entity" I used this low level card at.

I have used it at here, RDNA, HiveWire, and SmithMicro. I have ONLY charged items recently here and at HiveWire with that "now cancelled" card.

I will go post a copy of this over at HiveWire to alert them...and at RDNA JUST IN CASE, though I had not used it TOO recently there...darn it, I was going to buy the new Dawn skirt and top over there... BUT anyway this is less traumatic for me, because I got TWO credit cards for this very reason, and only use the low level one for "non essentials" (ie: NOT for food, meds, etc.) 

I am being sent a new one in a week to 10 days.... Sure hope whichever store it is, they can get a handle on it FAST!

Lyne
Lyne's Creations

Hi Lyne,

We do not store credit card numbers in our database and after the number is entered, it gets heavily encrypted so it cannot be accessed.

We are very sorry this has happened to you and can assure you it did not happen on our site.

Warmest Regards,

Hi Lyne,

Same thing happened to me last night (also for 2nd time again)... almost exact same as you..some travel something or other charging 2 big amounts flagged by my credit card company. 2nd card I had to cancel.... a card mostly used at the same set of 3d sites you mentioned along with DAZ3D. I pointed fingers last time around which was unfair of me with no real proof what happened. Just wanted to let you know you are not alone and for others to be aware.

Take care,

Pat

they also hacked the banks which hold that info, according to kaspersky.

 OH I know cc numbers are not stored here...and I honestly do NOT think it happened via Renderosity,...I have shopped here for YEARS...I mean YEARS with no problems...but I also found out last time my card was hacked, that it's not the cc numbers that are getting hacked, it's the ORDERS themselves...and the numbers are being taken off the order within the "inner workings" of the charges going through...so it's sort of at a different point in the process that the hackers get into.  :(  

 This is the whole reason I now keep TWO cc's active - I'll always have one to use for food, etc.  I at least can 'narrow it down' if I only use my low level card at just a few shops... and I ALWAYS watch my activity on line...and I always pay off the card in total each month.

 It's just so upsetting...  

I also received a call from fraud prevention this morning about an approx. $2500 charge on the same credit card I used to make a purchase here on 'Rosity on the 16th.  The bogus charge was made yesterday the 18th.  Unfortunately, 'Rosity was the only thing I have charged to that card in about a month and the only online charge in much longer.  I don't want to point fingers as I'll never know what happened, but I'm a bit suspicious after finding this thread.  I don't doubt this site has many security measures in place, as the admin above stated, and I've used this site for years with no trouble for my Poser purchases, but I'm just thinking something may have happened here recently that the admins aren't aware of.  I've stopped the card temporarily until I receive a new one and the bogus charge was purged thankfully.  Please be cautious and safe everyone. 

Well, I live in Australia, got a message in the early hours of this morning to say my credit card was suspended and to ring the number on back of the credit card.

I rang, spoke to bank, they confirmed several suspicious transactions had occured, of which I had no knowledge.  All seem to have been within seconds of each other, on the same date 19th  February 2015, so the card was cancelled.

Talked to the Banks Fraud Section next, gave details of my recent avtivity of which there was not much.  However I had made two purchases on the same day, at two popular 3D stores.  Whether these purchases are connected to this fraud I dont know.  The matter is in the banks fraud section hand now for investigation, I will be refunded thankfully and get a new card that I have to wait for, that is an impositon these hacker thieves put you through, let alone the worry.

Hope not many were hit, it is my first time.

Yap I just got the call. After the last time, I did completely stop shopping at Hivewire3D and the only 3D outlets I use anymore are Renderosity, Renderotica, RDNA and DAZ3D. But I've only bought stuff at Renderosity and DAZ in the last few weeks, so...at the very least this might be a good moment for the administration to double check if there's any possible problem with the site. A group of hackers probably has set their eyes on the 3D world specifically.

I gotta admit, I was kind of afraid it might be a problem with my own system, this thread gives me hope at least someone else's security measures failed :D

...been hacked twice so i`ve become very carefull where I use it...that being said there is really no place hackers cant get into. The DOD has had someone in their system poking around for a couple months and cant block em off. One thing that I didnt see pointed out...secure your PC. Be sure to run updated virus and spyware programs and be sure your firewall is up. Scan daily...defrag each week. Do not open email that you dont know who its from or that even from someone you know appears odd. Be carefull going to websites youre not familiar with. And never download anything unless youre sure , real sure its safe. Example...googling for a program then downloading it from a site you dont know. Also google that site and the software.....Never ever download or click on anything from a window that just pops up. Never ever do anything from an email or phonecall that looks or sounds official unless you check it out first. My Dad would get calls from a guy who told him he worked for Windows security and they had detected that his pc was infected and they would fix it for him...he runs a mac lol.

Anyway, be carefull

Scott

You all might want to consider using Pay Pal, that gives another level of security between you and your card. I stopped using my card for online purchases if Pay Pal is available and have often left a desired item on the internet shelf because of not having Pay Pal. Having been hacked a few years ago I get very worried when I have to use a card.

Keep in mind that "recent usage" means nothing.  They can use information garnered a year previously as well and often do as a way to hide where they got the information.  I know that's not the case with newer cards, however most recent places shopped at aren't always the source of the problem. 

Hacking can be done via the processor, the banks, the stores etc.  Heck, Anthem insurance was hacked here recently as well, most likely because they do store information for making payments.

Lastly the DMV has most definitely been hacked before and no doubt will be again, it's a perfect place for hackers to hit.  The CA DMV was hit last Spring, South Carolina a few years ago.  The problem is that often times those things aren't caught until months later.  So people assume that it's other stores and it turns out to actually be a large corporation like Target or as it was last Spring, the DMV.  Months later they find out that it was actually somewhere else because they assume that certain places are safe.

I mean if you have your card hacked and you only used it for your health insurance, a mechanic, an online store and a mom & pop restaurant you would assume that it was one of the latter 3 when in actuality it was the Health Insurance Company (as in the case of Anthem). Or you'd suspect the latter 3 over a large corporation like Target's, but again it was the Targets store.

I would have to agree with ldgilman PayPal seems to be the safest way to keep you money secure so far anyways.  While Renderosity doesn't store any credit card information on our site these thieves have other ways of getting your personal information.  Renderosity has always had a very low fraud rate and it's something they have been very proud of as well as asked by other companies how we do it.

Mine too and my bank also suspects it's you guys .-(, the reason being that you, next to Amazon, are the only purchase of the month (other than Paypal) and it happened shortly afterwards. They said they would enter into contact with you. In my case they bought plane tickets in Russian rubbles.

Just to clear this up a little bit more, I went through the complete history of my card (October 2014-now), it is as good as all Paypal or Amazon except for two purchases on a famous German website in December and my recent 3.50 USD transaction here. In my case my bank did not block the transaction and I am 505  Euro out of pocket at this stage and although you do not store info on your site, the encryption process might have been hacked into. I am also not pointing fingers but same as my bank, I am highly suspicious. For me this now means filling in forms and eventually even having to go to the Police fraud department. I should have known better after the fiasco with the other site where I was also part of the lucky ones!  Please don't brush this off...It might not be at your end, but it could be since I don't appear to be alone here....and 'no', I never had any issues here before and I felt safe, thus I used my card this 'once', which makes me really annoyed with myself....I am from Luxembourg.

Just to say that my Credit Card was also suspended beetween 19 -20 february. I don't know exact date yet.

Last time (20 january) I made my purchase here at Renderosity. I'm going to bank tomorrow. :(

My account was hacked last week, and I would LOVE to use paypal on this site, but for some reason the button doesnt work, which makes me suspicious, and yes, I use spyware, anti virus, and firewall security. I just got my new card today, but dont want to use it in case it happens again, anybody else having an issue with the paypal button, or is it just me?

Paypal works fine for me and I normally use it. Maybe a browser issue?

It sort of was, Kristi said it was something to do with updates, typical, lol.

:-) Well at least that has sorted itself out....

My card was hacked three times last year.

The card is locked in a safe and was never used for any anything else but purchasing content at Renderosity and twice a year at RDNA.

 After the third hit I cancelled the card permanently and moved to a different bank.

 I did report every incidence to Admin. I was assured that everything was safe.

The third time I had purchased only from the Rendo store. If it didn't happen here

it must have happened in the Bank. Nobody else saw or touched the card. The account number was known to the Bank and

entered during a purchase at Rendo. 

The first two times the Bank intercepted the fraudulent attempts. The third time was different. One inital charge for

airline tickets with a cancellation the next day. from then on there were mainly airline and bus tickets

to the US and within Mexico. There were also a lot of small day to day charges like a monthly NETFLIX fee.

After a very stressful month the the bank did reimburse me with a warning, not to use the card for internet purchases.

Hmmm...I am truly disappointed for now because I have the feeling this isn't being taken seriously for lack of admin answers to our concerns other than a denial. I am not saying they are not looking into it, but we have no feedback. There is too many of us for this to be a coincidence but I am willing to accept that coincidences can happen but they need to assure me that they have seriously looked into it in order to deny or confirm. I am not at ease and won't be spending my money here for now and might be spending considerably less in the future too if I feel ignored with my concerns. A site being hacked doesn't make me spend less time or money there in the future, but a site ignoring its customers concerns makes me do just that am afraid.

The card i use here at renderosity (and in other popular 3D shops...) was hacked, too last week and the guys tried to do a huge number of transactions on February 20 or 21 - including saudi-arabian airline tickets and US hotels (i am in Germany...) The guy at the fraud detection department told me he doesnt know where the data was stolen and he couldn't tell me even if he would know. But i am pretty sure that they have rather good hints where the problem is or was just by comparing which customers shop in the same online shops and which customers have similar fraud transactions - and that they will then contact the online shop which seems to be the data leak...

New card, new luck :)

Just found out this morning (Saturday, February 28) that my card had been hacked,  Only made three online purchases, one here at Rendo, two over at DAZ3D.  Don't know where the hack occurred, but I've contacted both sites about it.

 Fortunately, my bank caught everything and denied the charges before I was hurt by it, but still, pretty frustrating having to set up a new card. 

 What worries me is the quick "we don't store credit card info, data entered is heavily encrypted, so sorry" response I got from Rendo.  Nearly word for word the same response Lyne got at the start of the thread.  I can't say that I'm reassured about the safety of shopping here.

I'll probably be switching to PayPal for online purchases from now on, though I hate how long it takes for things to process. 

I made a purchase here earlier this week and my card was hacked as well.  Still waiting on info from the fraud department at my bank but this was the only place I made a purchase with that card this week.

Mine too. A $10,000 charge was blocked but I don't remember the date. Three other charges were flagged as suspicious but going through this morning. I'll be putting paperwork in to recover. Those totalled 124.00 and change.

I got this card last summer and I've only used it at DAZ, Rendo, Amazon, and PayPal (for anything else).

Same here.  Credit card company called me yesterday about possible fraudulent charges earlier that day and the day before.  Had the card cancelled with a new one on the way.

Only used the card here, DAZ, Amazon, Paypal, and a couple other places.

Mine got hacked the other day. only used at Here, Daz, Rdna, and Amazon, it was right after my last Amazon purchase that it got hacked

I just canceled my card.  Because of a warning thread over at DAZ, I checked my activity online, and there was a ten cent charge in Oregon, when I called the bank, they told me about several other "probing" type charges.   I bought some stuff here this week, and when I checked out, I filled out the credit card info, hit submit, and the page flashed and went back to the beginning of the checkout process.  I tried again and it worked that time.  It worked like the regular checkout process, right up to the end.  Don't know that it was someone intercepting the order somehow, but it kind of looks that way.  The only other online orders I made were to Amazon and Paypal.  

FYI, here's a good article about how these hacks happen: http://krebsonsecurity.com/2015/01/how-was-your-credit-card-stolen/

Also, be aware that some banks have really poor security from the beginning, so it is worth googling your bank's name + credit card hack to see what sort of reputation they got.

Hi everyone a bit worried now I tried to use paypal renderosity on friday night .Paypal would not let me log in  I tried to sort this with the paypal site I had to make a new password and set the account up again .I am now really upset incase I have been scammed.Has anyone else had any problem using paypal.

No site is safe from hackers, to think so is the height of arrogance and totally unsafe for us that purchase here or any of the online stores.  Admin needs to give some feedback, this is making me nervous and I use PayPal most of the time.

We have asked our staff to check and we do not see any type of breach in our security or servers.

We do not store credit card information in our system and all information 
entered into our system is heavily encrypted.

Everything has been checked by our IT and Programming department 3 times 
within the last 10 days or so to be certain everything on our end is 
secure.

We are very sorry this has happened to you and realize how frustrating it 
can be.

Warmest Regards,

Don't feel to bad Lyne, I had my brand spanking new credit card never been used accept for at Rednerosity and Daz  this weekend. the hacker tried to charge up $8000 on mine, lucky the Fraud alert  was triggered and no monies was paid out this was my second time. and it was only used on 2 sites, Both Sites claim they have no security issues. so to be safe from now on I'm just going to use paypal. and put in what i need when i need it.

I work as a Graphic Designer & have a very secure system. and checked and double checked my computers Vulnerabilities which show I had none..

Near as I can figure my credit information was captured between the Http &The Https pages of the credit card gateway on one of these sites using the Harvestor  Dos program the problem i have is which site was it that they were able to do the capture on. Daz or Renderosity.  so from now on I use paypal

I will also do Paypal only now and with no card attached to the account as I haven't bothered changing the cancelled one that was hacked in there. I put some cash into my account and that is all i will do from now on. My new card I will only use in physical stores when I need to....For Amazon I use a Prepaid one, same for Netflix...different cards, very little money...not even enough money on there to purchase anything halfway decent :-) 

I was hacked also by someone using a company in Memphis,TN that sells phone insurance. also someone using a company in London,England, among two others. my credit card company caught the fake purchases

A lot of this sounds scarily familiar, just had this happen to me with small probing purchases i.e. credit for a mobile phone contract, small £6 purchase at a rather large hotel in Vegas (I'm not exactly in a position to go on a jolly to the US at the moment). The only real use being here (with a strange glitch on the store front that I thought nothing more of but in hindsight...), Daz3D, Amazon and at a local solicitors (not helping as I'm half way through purchasing my first house, so an added layer of annoyance). I'm not pointing fingers as I'll be going thorough my bank statement and seeing just when these thing line up and where the potential leak is, thankfully my bank is on the ball with these thing and put a stop to it but I still have to go through the form filling malarkey to get the money back and have a new card sent out to me. :sigh:

Well.... I had my new "low limit" card for just THREE WEEKS and got hacked AGAIN! I made sure I only used it at our 3D content stores....so IT gets hacked but my regular card I use ALL the time for groceries and necessities DIDN'T... sure excludes my bank, my machine, and Visa.... I am so so so so so upset! I had a cart full with coupon in hand.... and I can't go TO my bank branch to get an "instant" replacement, due to my health...so I have to wait 7-10 business days..... AGAIN.... I asked the fraud dept. about a "pre-paid visa"... but he said I would HAVE to go IN to a branch to be issued that kind of card.... sooo IF I'm brave enough to shop again (probably start here first, as I actually feel safest HERE) and IF it gets hacked again, I WILL wait till a less "germ-y" time in summer to walk into a branch and get a prepaid card...and to keep it safe, I will 1. fill my cart, 2. go to my bank on line, put the exact amount on the card, and then 3. immediately BUY the stuff in my cart and use the limit... The Fraud guy said the NUMBER can get hacked, but at least if they can't use it for these $500-$1000 travel agencies charges maybe they will give up?!?!  He said the only way they could use it is if they used it at the EXACT same time as I was.... I just hate this STRESS.... really messes with my poor muse when she gets an artistic idea and needs a product!

I've just had my statement and it seems that all the fraudulent charges have been done after my visit to Rendo (that's the last entry on the statement) as everything before that is accounted for. Looking back on it I'd hazard a guess that if it was here then chances are it's a man-in-the-middle attack and they're inserting themselves at the point where the card number's going in but not immediately encrypted (SSL has been hacked before now). As I say it's purely conjecture on my part and my last experience of the store here as I'll have to go into my nearest bank and get a print out between the last entry on my statement and now, thankfully I either didn't loose a lot or none at all as my bank caught on pretty darned quick (a few low cost tester charges to see if it goes unnoticed then wham! the big charges start racking up is the usual run on these sorts of things).

Food for though, g_purvis!  So sad that these horrible people keep finding ways to mess with the good guys (the store merchants, and us!) and it's so darn hard to catch them! :(

I got hacked twice in the last three weeks. Always after using the card data here I got hacked. Coincidence?

I was just coming in to comment on my experience as well, I got a credit fraud alert from my bank re suspected fradulent charges, someone was trying to charge exhorbiant amounts to my card and attempting to make very outlandish purchases.  This is one of only two places that I use this card for purchases. 

Had to replace my card twice this month second time was within eleven days from the first replacement and had only been used here and at Daz  first card had only been used on six sites all sites were 3d related

Was thinking about Paypal but my cousin says that he just heard that they had been hacked

Greetings,

Just got a bad charge of over $500 to something in greece on a card that I only use here, DAZ, and $5/mo to DigitalOcean for hosting.  I know how DAZ and DigitalOcean store card info; they do it by storing a 'card id' with the payment processor (who has major, major security), so they don't ever really handle the card numbers themselves, and I don't have to do anything.  Not a happy camper; the account had zero in it (I transfer money in to pay for 3D purchases), so they didn't get anything, but I'm going to have to replace it.  Just a few days ago I had to replace my main debit card, as it had several overseas and US charges pile up on it as well.  I also use that card here and on DAZ, but I use it about a million other places, so I had no real idea how it got compromised.

The one today has a lot smaller a surface area... :(

--  Morgan

[Edit: Just to note, I should say that the one today has only been used on those three places in the last (roughly) half-year.  If, for instance, it took this long for someone to finally get their hands on the cards from Hivewire3D, it's possible I may have used both cards on their over a year ago (I can't confirm, unfortunately).  It feels unlikely that it'd take this long for them to get attacked, though.]

I'm a little late in joining the conversation, but my card also got hacked as well.  Like many here, I only use it here and at DAZ 3D.  The credit card company alerted me to the illegal purchases and the card was shut down.  But as twisted irony would have it, one of the illegal purchases was for Kaspersky software!  The hackers got the download, but I received a copy of the software DVD delivered to my home address! 

I update my AVG anti-virus/internet security regularly, sometimes several times a day.  But it's like the hackers were looking right over my shoulder when i made my purchase here.  Makes me wonder if I have a keylogger imbedded in my system somewhere that my AVG isn't detecting.

RFriese, Paypal has never iirc been hacked.  Individual accounts have been hacked into using the same methods that hack into any credit account, i.e spoof emails, phishing, etc.  But the Paypal database of customer information has never been hacked. The hacker group Anonymous even tried but all they managed to do was a DDOs attack that shut their servers down.  The databases with customer information were never compromised.

The founder of Paypal is the guy who invented the captcha image concept btw, they stay on top of security pretty tightly.

I just got on hacked on 2 different cards within 5 days.  The only purchases were here, Daz and Amazon.  I think I need to re-think my approach to security....  

I guess I should actually thank the hackers for helping me stop my 3D spending addiction cold in its tracks. I do commend Rendo for keeping this forum topic active .... other sites have frozen or deleted them (like that is going to reassure us everything is okay). 

Yes, please keep this thread alive. I am very sure Rendo is doing everything to protect the customers but there seems to be some security breach between the customers credit card input and this marketplace.

Well, add me to the list now. And the only place I've used this card is here. With all that's been going on, I had decided to use 1 card per each 3D site and only the one I used here on 3/12, was used yesterday for a flurry of transactions. I got a call a few minutes ago alerting me. So a new card and a fraud investigation and some stress in my near future. Oh joy.

But really Renderosity people, you need to do more checking because your system is compromised.

Well I had just decided to get my first EVER Pay Pal account, but then ONLY use it to put money IN to pay pal JUST in the amount of what I put in my cart...then buy that right away USING PAY PAL... so I need to "learn" the pay pal procedures.... KristiS said she uses Pay Pal this way, gets her downloads right away (hey we all "need" that instant gratification, right?! :) - though really, it's because I am in the middle of an art project and need something for it)  - but take advantage of the pay pal security with a brand new card... however, I am also going to start out by using this new card at only ONE store...for about a month, then add one store at a time...try and track it... yet hoping beyond hope that this will solve my stressful issue...to say nothing of being forced to miss all the sales ! grrrr!

Found this thread in the Marketplace Support section. It's current.

http://renderosity.com/mod/forumpro/?thread_id=2889118&#msg4195723