We couldn't find any threads matching the specified search criteria.
33 comments found!
12rounds posted at 5:47PM Wed, 26 April 2017 - #4303072
My card was also hacked today (all of my credit line was stolen by Qatar Airways or some such bogus company) and I cancelled it right away. I made the mistake of making one single Credit Card purchase on this site couple of weeks down the road when at the time for some reason I was not able to make a PayPal purchase here. Incidentally my cc statement clearly states I've only used PayPal, Amazon, Spotify and Netflix repeatedly in addition to this one single purchase from Rendo. Quite disturbing.
I'm investigating your account. I'll send you a sitemail for more information. Please respond to it promptly so we can resolve this quickly. If your account was indeed compromised here on Renderosity we want to do everything we can to make it right for you.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
Raindroptheelf posted at 5:43PM Wed, 26 April 2017 - #4303037
Excuse me! Do you mean me with * stop trolling and baiting *? If so I do not see why you would say that. I only voiced my worries and concerns as many others have and do. Petra
I was talking to Mazal in that post. It was not directed at you. :)
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
Raindroptheelf posted at 5:26PM Wed, 26 April 2017 - #4303001
For me the matter is closed, so no need to send sitemails and whatnot. I have the hassle and I made changes to be more secure all over the net since my card was compromised 2 times on your site. My bank has refundet the stolen money but I am feeling very vulnarable right now when it comes to purchases. Not only here at Renderosity. You ask me what I want to hear? I would like to hear that, from now on you send an email to ALL paying customers/ members at Renderostiy to give a warning so that they might check their account frequently. As someone else already mentioned : If you can send Newsletters to everyone, surly you can send out mails reg. an hacker attack like that. THAT would put a lot of trust back. I am not mad at you personally but we need someone to talk to and you are the one on the frontline as it seems. I wish you a good day. Petra
I understand how you feel right now, and I apologize for the hassle. Good job securing your online presence, though. It's good practice to change passwords every once in and keep a short leash on your financial info.
We have regular team meetings. I'll prompt a discussion on how we can improve communication if/when these kinds of things happen. It would be dishonest of me to make specific promises on behalf everyone, but I can say that I completely understand your concern. I can also say that everyone here really does care, and we want to do the right thing for all of our users.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
mazal50 posted at 4:36PM Wed, 26 April 2017 - #4302965
This is exacly the reason why my trust is gone , email from rendo was an answer to my email, now your telling customers to check if there emailadresses are right, raindropthreef has already checked and wrote it was oke . Hornet3d has told you he didn't get an email. These are childisch excuses, take your customers serious.
Mazal,
I promise you we didn't notify everyone because of your email. We had been working on the situation long before we received your email.
I'm dealing with these other users on their issues. We need to find out why they didn't get the email so that we can make sure they receive our communications in the future. We're checking the obvious things first. If we can all remain mature, we can solve the issues at hand.
Please stop getting in the middle of other people's issues. You're hindering our progress by creating noise and accusations. We take all of our customers seriously and our security very seriously. This is why I am here responding to everyone, and trying to clear up the situation. Please know this is your last warning. If you continue to violate the TOS, you will be banned. There will be no more warnings. If you are banned there will be no further communication, and you will not be able to log on to the site.
Thread: Checkout Trojan? | Forum: MarketPlace Customers
consumer573 posted at 4:30PM Tue, 18 April 2017 - #4302348
I asked for help earlier in this thread in trying to purchase store credit, and even though this is a thread for marketplace support, nobody from the store answered me.
Although there is minimal protection in using debit cards, I've decided for the moment that if I can transfer money over to Renderosity fast enough, then it's probably secure. And I can only lose the amount I vested in any particular debit card. Plus the 5.00 activation fee everytime I get a debit card.
But rendo just doesn't seem to have a good way of handling funds once they get them. Their current 'gift card' system is not really acceptable for parking hobby money here to have access to at a future date. I'm truly surprised that nobody at the store has jumped on this opportunity.
I think your posts got burried in this thread. We're about to lock this thread since it's running wildly off topic. If you still need help, I suggest you start a new thread and ask your questions there. I'll also tell Krisitis and jennblake about your questions.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
Badia01 posted at 4:10PM Tue, 18 April 2017 - #4302955
mazal50 posted at 3:47PM Tue, 18 April 2017 - #4302865
I agree wit Petra and Hornet3d. I will also follow the forums to see what is happing. My trust is completely gone and won't be purchasing anytime soon.
Ditto. Made lots of purchases in the past, but security has been shot since December. I made my last purchase March 11 (never received notice from Rendo regarding the breach during that time frame) using a prepaid debit card that I intentionally exhausted so there was no money left on the card.
I am sorry you didn't receive our email regarding the security incident. Please verify the email address you have on your account here: https://www.renderosity.com/settings/?saccount. Make sure it is an address you check regularly. Also check your spam filter.
Please also send me or Kristis a sitemail with the details of your compromised account so we can investigate it. At this point we have fulfilled all of our legal obligations, but we would like to go above and beyond and make it right for you however we can.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
mazal50 posted at 4:04PM Tue, 18 April 2017 - #4302950
nujazz posted at 9:38PM Tue, 18 April 2017 - #4302944
Raindroptheelf posted at 1:54PM Tue, 18 April 2017 - #4302508
MattGreenfield posted at 3:59AM Fri, 14 April 2017 - #4302481
I just found out that this morning that my card was hacked, most likely as a result of the last breech. $2,200.00 in charges made in the U.K. before we caught it.
This is also the second time the card I use at Rendo has been hacked in 6 months, so I'm seriously going to have to consider how, if I ever want to spend money at Renderosity again, how to do it safely.
Matt I am so sorry to hear this. I can honestly say, for now, for me , the best option was to add my card to my paypal account. But as I said before, I still worry to shop here and I think this will not go away. I never got a mail or anthting reg. those security breaches that occured and that also does not help to have trust.
I am so mad at all this, those hackers get to our account info also which includes our shipping address and all the rest of it.
Now that this happened to you this morning , or you found out this morning shows that quote :* We have taken all the steps we can to be sure Renderosity is as secure as an online store can possibly be.* it has not worked and the shop is still not save.
If account information is stolen, the only thing that can be done is to cancel the card. All the security measures in the world will not secure information that has already been stolen.
Stolen information isn't used immediately. Most likely, it will be used after a couple weeks. It could even be several months. Furthermore, Matt said he "found out" that morning, not that it actually happened that morning. Again, no security measure will prevent stolen (and still active) information from being used, and it certainly won't make someone aware sooner.
So I'm not sure how you came to that conclusion...
Thats the reason renderosity had to give a warning to all their customers , so they could check there cc acounts !!!
Please see my previous response to you. We notified users who were possibly at risk via email. If they did not get it, we have requested they check their user settings and spam folder. You have stated yourself that you received the email, so I'm not sure what you're trying to accomplish here.
I have also requested information from you so that I can personally investigate your account and see what I can do to help your specific case.
At this point we have fulfilled our legal obligations, and I have offered extra information and "extra mile" help for you specifically.
Please stop trolling and baiting.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
mazal50 posted at 3:53PM Tue, 18 April 2017 - #4302942
nujazz posted at 8:57PM Tue, 18 April 2017 - #4302934
Raindroptheelf posted at 12:52PM Tue, 18 April 2017 - #4302478
KristiS posted at 9:58PM Thu, 13 April 2017 - #4302220
Hello,
We are very sorry this is happening to you.
We have taken all the steps we can to be sure Renderosity is as secure as an online store can possibly be.
I suggest completely cancelling the card and getting a new one since it seems someone has gotten ahold of your information.
Thank you for being a valued member of Renderosity and wish you a wonderful week,
I am sorry but the steps you have takine to have a secure store are not good enough. It happend 2 x to me and I am lucky that the bank has put the money that was taken , back in to my account. Right now we have filed a disupute because they got hold of my address, phone number and they set up a monthly subscription apparently with my authorization. So we have to deal with that too. This is not acceptable and I would urge anyone who reads this to use paypal to make purchases here. I added my card to my paypal account and still I do not dare shopping here.
I would suggest you deal with your customers security first before page design and adding tons of adverts. Petra
In response to the second time it happened to you...
There was a weekend in March when Renderosity experienced an isolated security incident. We sent an email to anyone who may have been at risk. If you were affected then you should have received an email from us notifying you about the incident and directing you to alert your bank or credit card company.
After learning of the attack we immediately removed the attacker's work, changed all internal passwords (including admin user accounts), and implemented various protective measures. In the interest of maintaining security I cannot disclose all of the details, but we have added very restrictive filtering on all file uploads and user input as well as new monitoring tools and improvements to existing tools. We stopped all new feature development. We spent 3 weeks intensively reviewing and revising our systems at every level. We were able to trace the attack route, and we closed the vulnerability. We also found a couple other vulnerabilities that the attacker never found. We are continuing to use our new and improved tools to monitor our systems for any suspicious activity.
Since plugging the holes we have seen the attacker come back, but all of his attempts have failed.
I want to re-emphasize: If you believe your account information was compromised (or if you received the email from us), please contact your bank or credit card company and have them send you a new card.
Also, if you paying with PayPal then you are actually safe from anything that could ever happen in Renderosity's checkout. PayPal transactions are processed entirely on their site, and then you return here to confirm and download your files. Not even Renderosity can see your payment information if you checkout with PayPal.
You keep telling customers that they get a warning email if they where affected, this is not true , after the warning from creditcardcompany that data was stolen from RENDEROSITY specific i did send a warning to renderosity and after that i got an email from rendo. And more customers at this forum did not get an email, besides if rendo had a breach all customers should have had a warning, rendo can send newsletters so they also can send warnings.
You're saying yourself that you got the email from us. I'm glad your credit card company alerted you as well.
I understand that it may have appeared that our email was in response to yours, but it was sent to everyone at the same time regardless of any email we received. We sent it only after we were absolutely sure that we had completely resolved the issue, and we were confident that we had could protect against future attacks.
We did in fact send the email out. We sent it everyone who may have been at risk. We even sent it some people who probably were completely safe from it, but we sent it just to be extra safe in case we miscalculated the window. If anyone did not receive the email when they should have, we are asking them to check the email on their user account and make sure it is an address they check regularly. We are also reminding people to check their spam filters and other usual places. If you'd like to help out, please spread the word.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
Raindroptheelf posted at 3:11PM Tue, 18 April 2017 - #4302938
nujazz posted at 7:19PM Tue, 18 April 2017 - #4302934
Raindroptheelf posted at 12:52PM Tue, 18 April 2017 - #4302478
KristiS posted at 9:58PM Thu, 13 April 2017 - #4302220
Hello,
We are very sorry this is happening to you.
We have taken all the steps we can to be sure Renderosity is as secure as an online store can possibly be.
I suggest completely cancelling the card and getting a new one since it seems someone has gotten ahold of your information.
Thank you for being a valued member of Renderosity and wish you a wonderful week,
I am sorry but the steps you have takine to have a secure store are not good enough. It happend 2 x to me and I am lucky that the bank has put the money that was taken , back in to my account. Right now we have filed a disupute because they got hold of my address, phone number and they set up a monthly subscription apparently with my authorization. So we have to deal with that too. This is not acceptable and I would urge anyone who reads this to use paypal to make purchases here. I added my card to my paypal account and still I do not dare shopping here.
I would suggest you deal with your customers security first before page design and adding tons of adverts. Petra
In response to the second time it happened to you...
There was a weekend when Renderosity experienced an isolated security incident. We have sent an email to everyone who was at risk. If you were affected then you should have received an email from us notifying you about the incident and directing you to alert your bank or credit card company.
After learning of the attack we immediately removed the attacker's work, changed all internal passwords (including admin user accounts), and implemented various protective measures. In the interest of maintaining security I cannot disclose all of the details, but we have added very restrictive filtering on all file uploads and user input as well as new monitoring tools and improvements to existing tools. We stopped all new feature development. We spent 3 weeks intensively reviewing and revising our systems at every level. We were able to trace the attack route, and we closed the vulnerability. We also found a couple other vulnerabilities that the attacker never found. We are continuing to use our new and improved tools to monitor our systems for any suspicious activity.
Since plugging the holes we have seen the attacker come back, but all of his attempts have failed.
I want to re-emphasize: If you believe your account information was compromised (or if you received the email from us), please contact your bank or credit card company and have them send you a new card.
Also, if you paying with PayPal then you are actually safe from anything that could ever happen in Renderosity's checkout. PayPal transactions are processed entirely on their site, and then you return here to confirm and download your files. Not even Renderosity can see your payment information if you checkout with PayPal.
I only started using paypal a short while back, after the SECOND time my card and account information was skimmed. You write since you checked and changed everyting to make the store save the Attacker came back and tried and failed * ALL of his attempts *. Now that is not reassuring and I am sure glad the attacker did not find * the other 2 vulnerabilities *. So it is really just luck that not even more harm to us the customers has been caused. You are responsible for the security in your store and you have a responsibility to your paying customes AND if those things happend you should inform ALL customers via email asap regardless if they have shopped on that day or not.
So again, please do not tell me just because I did not shop on that day the * attack * happened or because I did not get an mail that it did not happend here when it happened 2 times.
And it is not just getting a new card, for me , for example it is filing a dispute with visa over an subscription for some xbox stuff that the lowlifes did with my CC and telling them they got my authorization. Also got a call reg. the rollex watch that I ordered... It is a LONG BIG ratstail of things that happens even after you get a new card.
I am curious about the first time your account information was skimmed. Please send me a sitemail with details, so I can look into this for you.
You write since you checked and changed everyting to make the store save the Attacker came back and tried and failed * ALL of his attempts *. Now that is not reassuring and I am sure glad the attacker did not find * the other 2 vulnerabilities *.
How is this not reassuring? Fending off the attacker is a success. It's the exact purpose of security. Keep in mind that unscrupulous people are constantly looking for holes in your favorite sites. Fortunately, they usually do not succeed at getting through. And this time the attacker's failure was a direct result of our improved security. I must say it was a pretty good feeling to see him come back, try his old tricks in vain, and then leave. :)
I think I should also clarify something: We patched the "couple of vulnerabilities" we found immediately (before the attacker returned). There's no luck here, just lots of hard work and long nights. This is a natural part of computer security; all websites and software should be improving constantly.
Even if the attacker had found them, it wouldn't have helped him do anything beyond what he was already capable of. Further still, exploiting them would have required insider information and we would have been aware of the activity. So there really is no "luck" here. And our users were at no extra risk. If anything there is even less risk.
That was my point: We solved more than just the issue at hand. We preemptively protected our users against something that hadn't even been tried. Security is all about outsmarting your opponent.
So again, please do not tell me just because I did not shop on that day the * attack * happened or because I did not get an mail that it did not happend here when it happened 2 times.
I don't know what you want to hear, but the truth is that the attack was started at a specific time and it was defeated at a specific time. Only purchases during that time were at risk of possibly being compromised. Not even all purchases during that time were at risk, because the attack had bugs! To be extra safe we emailed everyone that made a purchase during that time or even near that time.
I know how having personal information can affect more than just the account, and I understand how much of a hassle it can be to fix that (from personal experience with a family member). Once you have replaced your card, please send a sitemail to Krisitis or myself. Include the stolen and closed card number, so we can investigate it. At this point we have fulfilled all of our legal obligations. However, we would like to go above and beyond to make it right for you however we can.
Also, if you did not receive our email please verify the address you have on your account and make sure you check it regularly. Please also check you spam filters and all the other common email issues. https://www.renderosity.com/settings/?saccount
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
hornet3d posted at 2:59PM Tue, 18 April 2017 - #4302803
Well I have now set up a prepaid debit card and charged it with a small amount of money but now I have done this I am not sure I want to use even that here. I am not pointing at any individual more at the corporate structure but it appears they are unwilling or incapable of improving the security here.
There is more than one thread here where customer's have stated that they are very concerned about buying from the marketplace here and yet there appears to be little being done to address their concerns. Not everyone who placed an order in the time frame admitted by Rendo got any email and many had to find out from other customers adding the email details to the forum. Yes, the have said that actions have been taken to improve the security, but that was said last time and clearly the measures were not enough.
In this digital age we have to accept that credit card fraud is a fact of life but you also expect the companies to do their best to protect you and inform you when things go wrong. The fact that a breach has happened twice (that they admit to, I believe there were others) in a relatively short period is not acceptable and their response is, in my opinion, not good enough.
I will continue to visit the forums to see if there is a change of heart but I have decided not to reward a company for their apparent lack of understanding of how this affects their customers. Despite the fact I have a prepaid card set up I do not intend to even look inside the market place here until I see some indication that Rendo, as a company, has a better grip on this situation.
The two incidents were this past March and sometime two years ago.
I was not here for the one two years ago, but I know one of the things they did was to completely offload credit card processing. We no longer store credit card information. This defeated any attack that tried to get account information from past purchases.
The only thing they could do is eavesdrop on purchases as they happen. That happened this past March. We have closed that vulnerability. We have also found a few ways to protect against other attacks that have not even been attempted yet.
From previous posts:
After learning of the attack we immediately removed the attacker's work, changed all internal passwords (including admin user accounts), and implemented various protective measures. In the interest of maintaining security I cannot disclose all of the details, but we have added very restrictive filtering on all file uploads and user input as well as new monitoring tools and improvements to existing tools. We stopped all new feature development. We spent 3 weeks intensively reviewing and revising our systems at every level. We were able to trace the attack route, and we closed the vulnerability. We also found a couple other vulnerabilities that the attacker never found. We are continuing to use our new and improved tools to monitor our systems for any suspicious activity.
Since plugging the holes we have seen the attacker come back, but all of his attempts have failed.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
hornet3d posted at 2:38PM Tue, 18 April 2017 - #4302662
No I did not get an email either, even though I did place an order in the time frame and my card was defrauded.
I also note the other problem appeared again, where system states and order has been declined but still places a pending charge on your credit card. It all comes right after a few days so no harm done right?. Well only to your reputation as a trusted market place and another customer might think hard before they order again.
The email would have been sent to the address on your account. Could you please verify that here: https://www.renderosity.com/settings/?saccount. Please make sure it is an address that you check regularly.
If you are having problems with checkout, please contact Kristis by sitemailing her or sending an email to kristis@renderosity.com. We will want to know what the exact error message is. Sometime, it is incorrect payment information that triggers our fraud protection, but we can tell for sure if you contact Kristis with that error message.
As for the hold on your account, that actually protects both you and us during the checkout process. It is a common (and recommended) practice among online merchants. I can explain the details in another post if you're interested.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
Raindroptheelf posted at 1:54PM Tue, 18 April 2017 - #4302508
MattGreenfield posted at 3:59AM Fri, 14 April 2017 - #4302481
I just found out that this morning that my card was hacked, most likely as a result of the last breech. $2,200.00 in charges made in the U.K. before we caught it.
This is also the second time the card I use at Rendo has been hacked in 6 months, so I'm seriously going to have to consider how, if I ever want to spend money at Renderosity again, how to do it safely.
Matt I am so sorry to hear this. I can honestly say, for now, for me , the best option was to add my card to my paypal account. But as I said before, I still worry to shop here and I think this will not go away. I never got a mail or anthting reg. those security breaches that occured and that also does not help to have trust.
I am so mad at all this, those hackers get to our account info also which includes our shipping address and all the rest of it.
Now that this happened to you this morning , or you found out this morning shows that quote :* We have taken all the steps we can to be sure Renderosity is as secure as an online store can possibly be.* it has not worked and the shop is still not save.
If account information is stolen, the only thing that can be done is to cancel the card. All the security measures in the world will not secure information that has already been stolen.
Stolen information isn't used immediately. Most likely, it will be used after a couple weeks. It could even be several months. Furthermore, Matt said he "found out" that morning, not that it actually happened that morning. Again, no security measure will prevent stolen (and still active) information from being used, and it certainly won't make someone aware sooner.
So I'm not sure how you came to that conclusion...
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
MattGreenfield posted at 1:38PM Tue, 18 April 2017 - #4302481
I just found out that this morning that my card was hacked, most likely as a result of the last breech. $2,200.00 in charges made in the U.K. before we caught it.
This is also the second time the card I use at Rendo has been hacked in 6 months, so I'm seriously going to have to consider how, if I ever want to spend money at Renderosity again, how to do it safely.
We sent an email to anyone who may have been at risk. If you were affected then you should have received an email from us notifying you about the incident and directing you to alert your bank or credit card company.
You have stated that your card details have in fact been used without your permission. I'd like to remind you to please call your bank or credit card company and have them replace your card. I recommend that you stop using the compromised card immediately. Also, many banks and credit card companies provide "fraud protect," and will refund unauthorized charges if your account has been stolen.
We are always improving. We continue to use new and improved tools to monitor our systems for any suspicious activity.
For added protection, you can checkout with PayPal on any site that offers it, as Renderosity does. PayPal transactions are processed entirely on their site, and then you return here to confirm and download your files. Not even Renderosity can see your payment information if you checkout with PayPal, so you are completely safe from anything that could ever happen in Renderosity's checkout.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers
Raindroptheelf posted at 12:52PM Tue, 18 April 2017 - #4302478
KristiS posted at 9:58PM Thu, 13 April 2017 - #4302220
Hello,
We are very sorry this is happening to you.
We have taken all the steps we can to be sure Renderosity is as secure as an online store can possibly be.
I suggest completely cancelling the card and getting a new one since it seems someone has gotten ahold of your information.
Thank you for being a valued member of Renderosity and wish you a wonderful week,
I am sorry but the steps you have takine to have a secure store are not good enough. It happend 2 x to me and I am lucky that the bank has put the money that was taken , back in to my account. Right now we have filed a disupute because they got hold of my address, phone number and they set up a monthly subscription apparently with my authorization. So we have to deal with that too. This is not acceptable and I would urge anyone who reads this to use paypal to make purchases here. I added my card to my paypal account and still I do not dare shopping here.
I would suggest you deal with your customers security first before page design and adding tons of adverts. Petra
In response to the second time it happened to you...
There was a weekend in March when Renderosity experienced an isolated security incident. We sent an email to anyone who may have been at risk. If you were affected then you should have received an email from us notifying you about the incident and directing you to alert your bank or credit card company.
After learning of the attack we immediately removed the attacker's work, changed all internal passwords (including admin user accounts), and implemented various protective measures. In the interest of maintaining security I cannot disclose all of the details, but we have added very restrictive filtering on all file uploads and user input as well as new monitoring tools and improvements to existing tools. We stopped all new feature development. We spent 3 weeks intensively reviewing and revising our systems at every level. We were able to trace the attack route, and we closed the vulnerability. We also found a couple other vulnerabilities that the attacker never found. We are continuing to use our new and improved tools to monitor our systems for any suspicious activity.
Since plugging the holes we have seen the attacker come back, but all of his attempts have failed.
I want to re-emphasize: If you believe your account information was compromised (or if you received the email from us), please contact your bank or credit card company and have them send you a new card.
Also, if you paying with PayPal then you are actually safe from anything that could ever happen in Renderosity's checkout. PayPal transactions are processed entirely on their site, and then you return here to confirm and download your files. Not even Renderosity can see your payment information if you checkout with PayPal.
Thread: Checkout Trojan? | Forum: MarketPlace Customers
This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.
Thread: Low security at Renderosity? | Forum: MarketPlace Customers