Lyne opened this issue on Feb 19, 2015 ยท 124 posts
rty posted Thu, 26 March 2015 at 9:48 PM
I've had three cards hacked lately after using them here! First two were caught by the card issuer (AMEX), the last one by myself since I had put up safeguards (email alert for any purchase over $100). The three events were so close to each other I knew the problem could only be here, for I hadn't had the time to use the newly issued card anywhere else... Now I use Paypal. With the largest password possible (only 20 characters allowed, the darn idiots).
The "message" is a newsletter sent by Rendo today (at least for me), and it reads:
This correspondence is to notify you that Renderosity has concluded an investigation into unauthorized access to payment card data on our website. Unfortunately, our investigation found that between February 9th and March 18th of this year, there was an intermittent attack that resulted in the exposure of some payment card information to an unauthorized third party.
By policy, Renderosity does not store credit card information. However, the nature of this attack resulted in the capture of sensitive information during the check-out process itself. Only customers that used a payment card directly on the site during this time-frame were at risk. PayPal orders were not at risk.
Renderosity has since increased security for all of our production servers, implemented a new IDS (Intrusion Detection System) to insure real-time alerting and active response to such attacks going forward. In addition, we have engaged a third-party to perform a complete security analysis of our hosts and applications in addition to regular PCI (Payment Card Industry) scanning as required by our payment processor to be certain we have rectified all potential security issues.
Since you placed an order using your credit card during this time frame, we urge you to immediately contact the issuer of your credit card to have it replaced for your protection.
We want to emphasize that Renderosity takes the security of our customers very seriously. We sincerely apologize for this inconvenience and appreciate your continued support. If you have any additional concerns or questions, please feel free to contact store@renderosity.com and we will address them quickly and professionally.
Sincerely,
Tommy Lemon
Vice-President, Renderosity
I'm happy they eventually caught that problem. I sure hope they will be a little more vigilant in the future. Hacking paying systems is common nowadays, and there are only two kind of targets; The easy ones, and the very easy ones...