Forum: MarketPlace Customers


Subject: Low security at Renderosity?

l.croft opened this issue on Apr 11, 2017 ยท 83 posts


mazal50 posted Tue, 18 April 2017 at 2:03 PM

nujazz posted at 8:57PM Tue, 18 April 2017 - #4302934

Raindroptheelf posted at 12:52PM Tue, 18 April 2017 - #4302478

KristiS posted at 9:58PM Thu, 13 April 2017 - #4302220

Hello,

We are very sorry this is happening to you.

We have taken all the steps we can to be sure Renderosity is as secure as an online store can possibly be.

I suggest completely cancelling the card and getting a new one since it seems someone has gotten ahold of your information.

Thank you for being a valued member of Renderosity and wish you a wonderful week,

I am sorry but the steps you have takine to have a secure store are not good enough. It happend 2 x to me and I am lucky that the bank has put the money that was taken , back in to my account. Right now we have filed a disupute because they got hold of my address, phone number and they set up a monthly subscription apparently with my authorization. So we have to deal with that too. This is not acceptable and I would urge anyone who reads this to use paypal to make purchases here. I added my card to my paypal account and still I do not dare shopping here.

I would suggest you deal with your customers security first before page design and adding tons of adverts. Petra

In response to the second time it happened to you...

There was a weekend in March when Renderosity experienced an isolated security incident. We sent an email to anyone who may have been at risk. If you were affected then you should have received an email from us notifying you about the incident and directing you to alert your bank or credit card company.

After learning of the attack we immediately removed the attacker's work, changed all internal passwords (including admin user accounts), and implemented various protective measures. In the interest of maintaining security I cannot disclose all of the details, but we have added very restrictive filtering on all file uploads and user input as well as new monitoring tools and improvements to existing tools. We stopped all new feature development. We spent 3 weeks intensively reviewing and revising our systems at every level. We were able to trace the attack route, and we closed the vulnerability. We also found a couple other vulnerabilities that the attacker never found. We are continuing to use our new and improved tools to monitor our systems for any suspicious activity.

Since plugging the holes we have seen the attacker come back, but all of his attempts have failed.

I want to re-emphasize: If you believe your account information was compromised (or if you received the email from us), please contact your bank or credit card company and have them send you a new card.

Also, if you paying with PayPal then you are actually safe from anything that could ever happen in Renderosity's checkout. PayPal transactions are processed entirely on their site, and then you return here to confirm and download your files. Not even Renderosity can see your payment information if you checkout with PayPal.

You keep telling customers that they get a warning email if they where affected, this is not true , after the warning from creditcardcompany that data was stolen from RENDEROSITY specific i did send a warning to renderosity and after that i got an email from rendo. And more customers at this forum did not get an email, besides if rendo had a breach all customers should have had a warning, rendo can send newsletters so they also can send warnings.