Forum: Community Center


Subject: My Credit Card was HACKED again!!!!!!!!!

Lyne opened this issue on Feb 19, 2015 · 124 posts


Lyne posted Thu, 19 February 2015 at 12:00 PM

It was an $893 charge by "Instant Travel-Cyrus". The charge was DECLINED, the card blocked, and then cancelled all within minutes, thank goodness.

I purposely got a new credit card with a low limit JUST for all my 3D store purchases....I had used it at the DMV (100% sure it was not them, as it was used there last in early December, and for you non-USA folks that is our "Department of Motor Vehicles and REALLY secure!) It's the only "non 3D entity" I used this low level card at.

I have used it at here, RDNA, HiveWire, and SmithMicro. I have ONLY charged items recently here and at HiveWire with that "now cancelled" card.

I will go post a copy of this over at HiveWire to alert them...and at RDNA JUST IN CASE, though I had not used it TOO recently there...darn it, I was going to buy the new Dawn skirt and top over there... BUT anyway this is less traumatic for me, because I got TWO credit cards for this very reason, and only use the low level one for "non essentials" (ie: NOT for food, meds, etc.) 

I am being sent a new one in a week to 10 days.... Sure hope whichever store it is, they can get a handle on it FAST!

Lyne
Lyne's Creations

Life Requires Assembly and we all know how THAT goes!


KristiS posted Thu, 19 February 2015 at 1:43 PM

Hi Lyne,

We do not store credit card numbers in our database and after the number is entered, it gets heavily encrypted so it cannot be accessed.

We are very sorry this has happened to you and can assure you it did not happen on our site.

Warmest Regards,


Kristi

Community Relations Specialist

This is your life - your platform - your stage - your story  


carrara_pat posted Thu, 19 February 2015 at 2:00 PM

Hi Lyne,

Same thing happened to me last night (also for 2nd time again)... almost exact same as you..some travel something or other charging 2 big amounts flagged by my credit card company. 2nd card I had to cancel.... a card mostly used at the same set of 3d sites you mentioned along with DAZ3D. I pointed fingers last time around which was unfair of me with no real proof what happened. Just wanted to let you know you are not alone and for others to be aware.

Take care,

Pat


Miss Nancy posted Thu, 19 February 2015 at 4:41 PM

they also hacked the banks which hold that info, according to kaspersky.



Lyne posted Thu, 19 February 2015 at 4:58 PM

 OH I know cc numbers are not stored here...and I honestly do NOT think it happened via Renderosity,...I have shopped here for YEARS...I mean YEARS with no problems...but I also found out last time my card was hacked, that it's not the cc numbers that are getting hacked, it's the ORDERS themselves...and the numbers are being taken off the order within the "inner workings" of the charges going through...so it's sort of at a different point in the process that the hackers get into.  :(  

 This is the whole reason I now keep TWO cc's active - I'll always have one to use for food, etc.  I at least can 'narrow it down' if I only use my low level card at just a few shops... and I ALWAYS watch my activity on line...and I always pay off the card in total each month.

 It's just so upsetting...  

Life Requires Assembly and we all know how THAT goes!


shanfar508 posted Thu, 19 February 2015 at 8:09 PM

I also received a call from fraud prevention this morning about an approx. $2500 charge on the same credit card I used to make a purchase here on 'Rosity on the 16th.  The bogus charge was made yesterday the 18th.  Unfortunately, 'Rosity was the only thing I have charged to that card in about a month and the only online charge in much longer.  I don't want to point fingers as I'll never know what happened, but I'm a bit suspicious after finding this thread.  I don't doubt this site has many security measures in place, as the admin above stated, and I've used this site for years with no trouble for my Poser purchases, but I'm just thinking something may have happened here recently that the admins aren't aware of.  I've stopped the card temporarily until I receive a new one and the bogus charge was purged thankfully.  Please be cautious and safe everyone. 


PointLady posted Fri, 20 February 2015 at 1:57 AM

Well, I live in Australia, got a message in the early hours of this morning to say my credit card was suspended and to ring the number on back of the credit card.

I rang, spoke to bank, they confirmed several suspicious transactions had occured, of which I had no knowledge.  All seem to have been within seconds of each other, on the same date 19th  February 2015, so the card was cancelled.

Talked to the Banks Fraud Section next, gave details of my recent avtivity of which there was not much.  However I had made two purchases on the same day, at two popular 3D stores.  Whether these purchases are connected to this fraud I dont know.  The matter is in the banks fraud section hand now for investigation, I will be refunded thankfully and get a new card that I have to wait for, that is an impositon these hacker thieves put you through, let alone the worry.

Hope not many were hit, it is my first time.


Jedah posted Fri, 20 February 2015 at 8:15 AM

Yap I just got the call. After the last time, I did completely stop shopping at Hivewire3D and the only 3D outlets I use anymore are Renderosity, Renderotica, RDNA and DAZ3D. But I've only bought stuff at Renderosity and DAZ in the last few weeks, so...at the very least this might be a good moment for the administration to double check if there's any possible problem with the site. A group of hackers probably has set their eyes on the 3D world specifically.

I gotta admit, I was kind of afraid it might be a problem with my own system, this thread gives me hope at least someone else's security measures failed :D


scottl posted Sat, 21 February 2015 at 2:54 PM

...been hacked twice so i`ve become very carefull where I use it...that being said there is really no place hackers cant get into. The DOD has had someone in their system poking around for a couple months and cant block em off. One thing that I didnt see pointed out...secure your PC. Be sure to run updated virus and spyware programs and be sure your firewall is up. Scan daily...defrag each week. Do not open email that you dont know who its from or that even from someone you know appears odd. Be carefull going to websites youre not familiar with. And never download anything unless youre sure , real sure its safe. Example...googling for a program then downloading it from a site you dont know. Also google that site and the software.....Never ever download or click on anything from a window that just pops up. Never ever do anything from an email or phonecall that looks or sounds official unless you check it out first. My Dad would get calls from a guy who told him he worked for Windows security and they had detected that his pc was infected and they would fix it for him...he runs a mac lol.

Anyway, be carefull

Scott


ldgilman posted Sat, 21 February 2015 at 4:51 PM

You all might want to consider using Pay Pal, that gives another level of security between you and your card. I stopped using my card for online purchases if Pay Pal is available and have often left a desired item on the internet shelf because of not having Pay Pal. Having been hacked a few years ago I get very worried when I have to use a card.


3-DArena posted Sat, 21 February 2015 at 4:52 PM

Keep in mind that "recent usage" means nothing.  They can use information garnered a year previously as well and often do as a way to hide where they got the information.  I know that's not the case with newer cards, however most recent places shopped at aren't always the source of the problem. 

Hacking can be done via the processor, the banks, the stores etc.  Heck, Anthem insurance was hacked here recently as well, most likely because they do store information for making payments.

Lastly the DMV has most definitely been hacked before and no doubt will be again, it's a perfect place for hackers to hit.  The CA DMV was hit last Spring, South Carolina a few years ago.  The problem is that often times those things aren't caught until months later.  So people assume that it's other stores and it turns out to actually be a large corporation like Target or as it was last Spring, the DMV.  Months later they find out that it was actually somewhere else because they assume that certain places are safe.

I mean if you have your card hacked and you only used it for your health insurance, a mechanic, an online store and a mom & pop restaurant you would assume that it was one of the latter 3 when in actuality it was the Health Insurance Company (as in the case of Anthem). Or you'd suspect the latter 3 over a large corporation like Target's, but again it was the Targets store.


3-D Arena | Instagram | Facebook

I do not feel obliged to believe that the same God who has endowed us with sense, reason, and intellect has intended us to forgo their use.
-Galileo


TinaK posted Sun, 22 February 2015 at 9:34 AM

I would have to agree with ldgilman PayPal seems to be the safest way to keep you money secure so far anyways.  While Renderosity doesn't store any credit card information on our site these thieves have other ways of getting your personal information.  Renderosity has always had a very low fraud rate and it's something they have been very proud of as well as asked by other companies how we do it.

Tina Kaylor

Community Manager


ItWasNotAvailable posted Tue, 24 February 2015 at 2:31 AM

Mine too and my bank also suspects it's you guys .-(, the reason being that you, next to Amazon, are the only purchase of the month (other than Paypal) and it happened shortly afterwards. They said they would enter into contact with you. In my case they bought plane tickets in Russian rubbles.


ItWasNotAvailable posted Tue, 24 February 2015 at 8:09 AM

Just to clear this up a little bit more, I went through the complete history of my card (October 2014-now), it is as good as all Paypal or Amazon except for two purchases on a famous German website in December and my recent 3.50 USD transaction here. In my case my bank did not block the transaction and I am 505  Euro out of pocket at this stage and although you do not store info on your site, the encryption process might have been hacked into. I am also not pointing fingers but same as my bank, I am highly suspicious. For me this now means filling in forms and eventually even having to go to the Police fraud department. I should have known better after the fiasco with the other site where I was also part of the lucky ones!  Please don't brush this off...It might not be at your end, but it could be since I don't appear to be alone here....and 'no', I never had any issues here before and I felt safe, thus I used my card this 'once', which makes me really annoyed with myself....I am from Luxembourg.


tyllo posted Tue, 24 February 2015 at 9:50 AM

Just to say that my Credit Card was also suspended beetween 19 -20 february. I don't know exact date yet.

Last time (20 january) I made my purchase here at Renderosity. I'm going to bank tomorrow. :(


PaulaL posted Tue, 24 February 2015 at 12:12 PM

My account was hacked last week, and I would LOVE to use paypal on this site, but for some reason the button doesnt work, which makes me suspicious, and yes, I use spyware, anti virus, and firewall security. I just got my new card today, but dont want to use it in case it happens again, anybody else having an issue with the paypal button, or is it just me?


ItWasNotAvailable posted Wed, 25 February 2015 at 2:42 AM

Paypal works fine for me and I normally use it. Maybe a browser issue?


PaulaL posted Wed, 25 February 2015 at 4:19 AM

It sort of was, Kristi said it was something to do with updates, typical, lol.


ItWasNotAvailable posted Wed, 25 February 2015 at 5:04 AM

:-) Well at least that has sorted itself out....


helgas posted Thu, 26 February 2015 at 7:34 PM

My card was hacked three times last year.

The card is locked in a safe and was never used for any anything else but purchasing content at Renderosity and twice a year at RDNA.

 After the third hit I cancelled the card permanently and moved to a different bank.

 I did report every incidence to Admin. I was assured that everything was safe.

The third time I had purchased only from the Rendo store. If it didn't happen here

it must have happened in the Bank. Nobody else saw or touched the card. The account number was known to the Bank and

entered during a purchase at Rendo. 

The first two times the Bank intercepted the fraudulent attempts. The third time was different. One inital charge for

airline tickets with a cancellation the next day. from then on there were mainly airline and bus tickets

to the US and within Mexico. There were also a lot of small day to day charges like a monthly NETFLIX fee.

After a very stressful month the the bank did reimburse me with a warning, not to use the card for internet purchases.


ItWasNotAvailable posted Fri, 27 February 2015 at 3:25 AM

Hmmm...I am truly disappointed for now because I have the feeling this isn't being taken seriously for lack of admin answers to our concerns other than a denial. I am not saying they are not looking into it, but we have no feedback. There is too many of us for this to be a coincidence but I am willing to accept that coincidences can happen but they need to assure me that they have seriously looked into it in order to deny or confirm. I am not at ease and won't be spending my money here for now and might be spending considerably less in the future too if I feel ignored with my concerns. A site being hacked doesn't make me spend less time or money there in the future, but a site ignoring its customers concerns makes me do just that am afraid.


mpacer posted Sat, 28 February 2015 at 3:07 PM

The card i use here at renderosity (and in other popular 3D shops...) was hacked, too last week and the guys tried to do a huge number of transactions on February 20 or 21 - including saudi-arabian airline tickets and US hotels (i am in Germany...) The guy at the fraud detection department told me he doesnt know where the data was stolen and he couldn't tell me even if he would know. But i am pretty sure that they have rather good hints where the problem is or was just by comparing which customers shop in the same online shops and which customers have similar fraud transactions - and that they will then contact the online shop which seems to be the data leak...

New card, new luck :)


nightwolf1982a posted Sat, 28 February 2015 at 3:14 PM

Just found out this morning (Saturday, February 28) that my card had been hacked,  Only made three online purchases, one here at Rendo, two over at DAZ3D.  Don't know where the hack occurred, but I've contacted both sites about it.

 Fortunately, my bank caught everything and denied the charges before I was hurt by it, but still, pretty frustrating having to set up a new card. 

 What worries me is the quick "we don't store credit card info, data entered is heavily encrypted, so sorry" response I got from Rendo.  Nearly word for word the same response Lyne got at the start of the thread.  I can't say that I'm reassured about the safety of shopping here.

I'll probably be switching to PayPal for online purchases from now on, though I hate how long it takes for things to process. 


grimm55 posted Sat, 28 February 2015 at 3:18 PM

I made a purchase here earlier this week and my card was hacked as well.  Still waiting on info from the fraud department at my bank but this was the only place I made a purchase with that card this week.


Spit posted Sat, 28 February 2015 at 3:38 PM

Mine too. A $10,000 charge was blocked but I don't remember the date. Three other charges were flagged as suspicious but going through this morning. I'll be putting paperwork in to recover. Those totalled 124.00 and change.

I got this card last summer and I've only used it at DAZ, Rendo, Amazon, and PayPal (for anything else).


drinkingbuddy posted Sat, 28 February 2015 at 5:02 PM

Same here.  Credit card company called me yesterday about possible fraudulent charges earlier that day and the day before.  Had the card cancelled with a new one on the way.

Only used the card here, DAZ, Amazon, Paypal, and a couple other places.


lycanthropeX posted Sat, 28 February 2015 at 8:59 PM

Mine got hacked the other day. only used at Here, Daz, Rdna, and Amazon, it was right after my last Amazon purchase that it got hacked


madfrog posted Sat, 28 February 2015 at 9:21 PM

I just canceled my card.  Because of a warning thread over at DAZ, I checked my activity online, and there was a ten cent charge in Oregon, when I called the bank, they told me about several other "probing" type charges.   I bought some stuff here this week, and when I checked out, I filled out the credit card info, hit submit, and the page flashed and went back to the beginning of the checkout process.  I tried again and it worked that time.  It worked like the regular checkout process, right up to the end.  Don't know that it was someone intercepting the order somehow, but it kind of looks that way.  The only other online orders I made were to Amazon and Paypal.  


Skiriki posted Sun, 01 March 2015 at 1:59 AM

FYI, here's a good article about how these hacks happen: http://krebsonsecurity.com/2015/01/how-was-your-credit-card-stolen/

Also, be aware that some banks have really poor security from the beginning, so it is worth googling your bank's name + credit card hack to see what sort of reputation they got.



spacechimp posted Sun, 01 March 2015 at 7:48 AM

Hi everyone a bit worried now I tried to use paypal renderosity on friday night .Paypal would not let me log in  I tried to sort this with the paypal site I had to make a new password and set the account up again .I am now really upset incase I have been scammed.Has anyone else had any problem using paypal.


LadyElf posted Wed, 04 March 2015 at 2:47 PM

No site is safe from hackers, to think so is the height of arrogance and totally unsafe for us that purchase here or any of the online stores.  Admin needs to give some feedback, this is making me nervous and I use PayPal most of the time.


KristiS posted Thu, 05 March 2015 at 2:58 PM

We have asked our staff to check and we do not see any type of breach in our security or servers.

We do not store credit card information in our system and all information 
entered into our system is heavily encrypted.

Everything has been checked by our IT and Programming department 3 times 
within the last 10 days or so to be certain everything on our end is 
secure.

We are very sorry this has happened to you and realize how frustrating it 
can be.

Warmest Regards,


Kristi

Community Relations Specialist

This is your life - your platform - your stage - your story  


poisinivy posted Fri, 06 March 2015 at 2:44 PM

Don't feel to bad Lyne, I had my brand spanking new credit card never been used accept for at Rednerosity and Daz  this weekend. the hacker tried to charge up $8000 on mine, lucky the Fraud alert  was triggered and no monies was paid out this was my second time. and it was only used on 2 sites, Both Sites claim they have no security issues. so to be safe from now on I'm just going to use paypal. and put in what i need when i need it.

I work as a Graphic Designer & have a very secure system. and checked and double checked my computers Vulnerabilities which show I had none..

Near as I can figure my credit information was captured between the Http &The Https pages of the credit card gateway on one of these sites using the Harvestor  Dos program the problem i have is which site was it that they were able to do the capture on. Daz or Renderosity.  so from now on I use paypal


ItWasNotAvailable posted Sat, 07 March 2015 at 11:43 AM

I will also do Paypal only now and with no card attached to the account as I haven't bothered changing the cancelled one that was hacked in there. I put some cash into my account and that is all i will do from now on. My new card I will only use in physical stores when I need to....For Amazon I use a Prepaid one, same for Netflix...different cards, very little money...not even enough money on there to purchase anything halfway decent :-) 


Richardphotos posted Mon, 09 March 2015 at 6:47 AM

I was hacked also by someone using a company in Memphis,TN that sells phone insurance. also someone using a company in London,England, among two others. my credit card company caught the fake purchases


g_purvis posted Sun, 15 March 2015 at 9:23 AM

A lot of this sounds scarily familiar, just had this happen to me with small probing purchases i.e. credit for a mobile phone contract, small £6 purchase at a rather large hotel in Vegas (I'm not exactly in a position to go on a jolly to the US at the moment). The only real use being here (with a strange glitch on the store front that I thought nothing more of but in hindsight...), Daz3D, Amazon and at a local solicitors (not helping as I'm half way through purchasing my first house, so an added layer of annoyance). I'm not pointing fingers as I'll be going thorough my bank statement and seeing just when these thing line up and where the potential leak is, thankfully my bank is on the ball with these thing and put a stop to it but I still have to go through the form filling malarkey to get the money back and have a new card sent out to me. :sigh:


Lyne posted Mon, 16 March 2015 at 10:51 PM

Well.... I had my new "low limit" card for just THREE WEEKS and got hacked AGAIN! I made sure I only used it at our 3D content stores....so IT gets hacked but my regular card I use ALL the time for groceries and necessities DIDN'T... sure excludes my bank, my machine, and Visa.... I am so so so so so upset! I had a cart full with coupon in hand.... and I can't go TO my bank branch to get an "instant" replacement, due to my health...so I have to wait 7-10 business days..... AGAIN.... I asked the fraud dept. about a "pre-paid visa"... but he said I would HAVE to go IN to a branch to be issued that kind of card.... sooo IF I'm brave enough to shop again (probably start here first, as I actually feel safest HERE) and IF it gets hacked again, I WILL wait till a less "germ-y" time in summer to walk into a branch and get a prepaid card...and to keep it safe, I will 1. fill my cart, 2. go to my bank on line, put the exact amount on the card, and then 3. immediately BUY the stuff in my cart and use the limit... The Fraud guy said the NUMBER can get hacked, but at least if they can't use it for these $500-$1000 travel agencies charges maybe they will give up?!?!  He said the only way they could use it is if they used it at the EXACT same time as I was.... I just hate this STRESS.... really messes with my poor muse when she gets an artistic idea and needs a product!

Life Requires Assembly and we all know how THAT goes!


g_purvis posted Tue, 17 March 2015 at 3:06 AM

I've just had my statement and it seems that all the fraudulent charges have been done after my visit to Rendo (that's the last entry on the statement) as everything before that is accounted for. Looking back on it I'd hazard a guess that if it was here then chances are it's a man-in-the-middle attack and they're inserting themselves at the point where the card number's going in but not immediately encrypted (SSL has been hacked before now). As I say it's purely conjecture on my part and my last experience of the store here as I'll have to go into my nearest bank and get a print out between the last entry on my statement and now, thankfully I either didn't loose a lot or none at all as my bank caught on pretty darned quick (a few low cost tester charges to see if it goes unnoticed then wham! the big charges start racking up is the usual run on these sorts of things).


Lyne posted Tue, 17 March 2015 at 7:50 PM

Food for though, g_purvis!  So sad that these horrible people keep finding ways to mess with the good guys (the store merchants, and us!) and it's so darn hard to catch them! :(

Life Requires Assembly and we all know how THAT goes!


Fredy posted Thu, 19 March 2015 at 2:38 PM

I got hacked twice in the last three weeks. Always after using the card data here I got hacked. Coincidence?


TL1 posted Thu, 19 March 2015 at 4:57 PM

I was just coming in to comment on my experience as well, I got a credit fraud alert from my bank re suspected fradulent charges, someone was trying to charge exhorbiant amounts to my card and attempting to make very outlandish purchases.  This is one of only two places that I use this card for purchases. 


RFreise posted Thu, 19 March 2015 at 7:55 PM

Had to replace my card twice this month second time was within eleven days from the first replacement and had only been used here and at Daz  first card had only been used on six sites all sites were 3d related

Was thinking about Paypal but my cousin says that he just heard that they had been hacked


cypherfox posted Fri, 20 March 2015 at 2:50 AM

Greetings,

Just got a bad charge of over $500 to something in greece on a card that I only use here, DAZ, and $5/mo to DigitalOcean for hosting.  I know how DAZ and DigitalOcean store card info; they do it by storing a 'card id' with the payment processor (who has major, major security), so they don't ever really handle the card numbers themselves, and I don't have to do anything.  Not a happy camper; the account had zero in it (I transfer money in to pay for 3D purchases), so they didn't get anything, but I'm going to have to replace it.  Just a few days ago I had to replace my main debit card, as it had several overseas and US charges pile up on it as well.  I also use that card here and on DAZ, but I use it about a million other places, so I had no real idea how it got compromised.

The one today has a lot smaller a surface area... :(

--  Morgan

[Edit: Just to note, I should say that the one today has only been used on those three places in the last (roughly) half-year.  If, for instance, it took this long for someone to finally get their hands on the cards from Hivewire3D, it's possible I may have used both cards on their over a year ago (I can't confirm, unfortunately).  It feels unlikely that it'd take this long for them to get attacked, though.]


Xavier_Leggett posted Fri, 20 March 2015 at 11:13 AM

I'm a little late in joining the conversation, but my card also got hacked as well.  Like many here, I only use it here and at DAZ 3D.  The credit card company alerted me to the illegal purchases and the card was shut down.  But as twisted irony would have it, one of the illegal purchases was for Kaspersky software!  The hackers got the download, but I received a copy of the software DVD delivered to my home address! 

I update my AVG anti-virus/internet security regularly, sometimes several times a day.  But it's like the hackers were looking right over my shoulder when i made my purchase here.  Makes me wonder if I have a keylogger imbedded in my system somewhere that my AVG isn't detecting.


3-DArena posted Fri, 20 March 2015 at 12:41 PM

RFriese, Paypal has never iirc been hacked.  Individual accounts have been hacked into using the same methods that hack into any credit account, i.e spoof emails, phishing, etc.  But the Paypal database of customer information has never been hacked. The hacker group Anonymous even tried but all they managed to do was a DDOs attack that shut their servers down.  The databases with customer information were never compromised.

The founder of Paypal is the guy who invented the captcha image concept btw, they stay on top of security pretty tightly.


3-D Arena | Instagram | Facebook

I do not feel obliged to believe that the same God who has endowed us with sense, reason, and intellect has intended us to forgo their use.
-Galileo


thorntoa posted Fri, 20 March 2015 at 4:36 PM

I just got on hacked on 2 different cards within 5 days.  The only purchases were here, Daz and Amazon.  I think I need to re-think my approach to security....  

Allan Thornton


carrara_pat posted Sat, 21 March 2015 at 3:05 AM

I guess I should actually thank the hackers for helping me stop my 3D spending addiction cold in its tracks. I do commend Rendo for keeping this forum topic active .... other sites have frozen or deleted them (like that is going to reassure us everything is okay). 


Fredy posted Sat, 21 March 2015 at 4:39 AM

Yes, please keep this thread alive. I am very sure Rendo is doing everything to protect the customers but there seems to be some security breach between the customers credit card input and this marketplace.


Sassywench posted Sat, 21 March 2015 at 11:27 AM

Well, add me to the list now. And the only place I've used this card is here. With all that's been going on, I had decided to use 1 card per each 3D site and only the one I used here on 3/12, was used yesterday for a flurry of transactions. I got a call a few minutes ago alerting me. So a new card and a fraud investigation and some stress in my near future. Oh joy.

But really Renderosity people, you need to do more checking because your system is compromised.

"Own the Day"

*Live*Laugh*Love*Dream*Believe*

DS user since the first alpha :)

Poser user through P5


Lyne posted Sat, 21 March 2015 at 12:07 PM

Well I had just decided to get my first EVER Pay Pal account, but then ONLY use it to put money IN to pay pal JUST in the amount of what I put in my cart...then buy that right away USING PAY PAL... so I need to "learn" the pay pal procedures.... KristiS said she uses Pay Pal this way, gets her downloads right away (hey we all "need" that instant gratification, right?! :) - though really, it's because I am in the middle of an art project and need something for it)  - but take advantage of the pay pal security with a brand new card... however, I am also going to start out by using this new card at only ONE store...for about a month, then add one store at a time...try and track it... yet hoping beyond hope that this will solve my stressful issue...to say nothing of being forced to miss all the sales ! grrrr!

  

Life Requires Assembly and we all know how THAT goes!


Vaskania posted Sat, 21 March 2015 at 1:04 PM

Found this thread in the Marketplace Support section. It's current.

http://renderosity.com/mod/forumpro/?thread_id=2889118&#msg4195723

-----sig-----
Daz, Blender, Affinity, Substance, Unity, Python, C#


TinaK posted Sat, 21 March 2015 at 9:03 PM

Thanks Vaskania. 

Can we get you on staff soon?  You are most helpful and I appreciate ya.

Tina Kaylor

Community Manager


ItWasNotAvailable posted Sun, 22 March 2015 at 8:18 AM

Got three prepaid Visa cards now with very little money and they get used in specific places only. As for the rest, I have a little bit of money in my PP account if I want to buy 3D stuff, but I got so disheartened by all this that I simply stopped spending any cash on 3D sites...I might check in once a week for freebies mainly...There is too many of us for me to feel safe...no matter which site.


Fredy posted Tue, 24 March 2015 at 1:04 PM

Any news from Rendo's IT team?  Any idea how the criminals attacked us here? Is there anything we can do to support you?


zicsov posted Wed, 25 March 2015 at 5:47 AM

Just to add to the saga. I had my card compromised after using Renderosity on Feb 21st. Luckily charges were stopped by the card company. I put it down to something at my end and although I take care etc I re-scanned, ran anti-malware etc and found nothing. I got a new card issued and used it only once, at Renderosity on Mar 14th, and immediately afterwards it was used fraudulently. At least this thread reassures me the problem isn't my end but there does seem to a complacent attitude from Renderosity over this so despite having used the site for years I will avoid it for the immediate future at least.


Fredy posted Wed, 25 March 2015 at 6:03 AM

@zicsov Same here and also nearly at the same time. First card end of February, second card mid of March. First card after using it at Rendo but I used for a lot of stuff, second card used it only for three shops (Amazon, Paypal and Rendo) and the last one was Rendo and after using it here I got my card compromised.

My system is clean due intense scanning with two different anti-virus-tools and anti-virus is of course always active.
I am also always checking for HTTPS connection before entering any credit card info.

I am a long time user and shopper here at Rendo but I will consider it multiple times before I enter any credit card info again here.
At the moment I have too much trouble because of this lack of security here.


hornet3d posted Wed, 25 March 2015 at 4:20 PM

Just fell across this thread and it has been a revelation.  My Credit Cards have been done 5 times in seven months and I was beginning to take it personal.  Both of these cards are only used for purchases at three sites, here, e-on software and RDNA.  One card I had re-issued and I did not use it for two weeks.  I then used it at here at Rendo and within 48 hours I have the fraud prevention on the phone because it has been hacked again.   Tried a separate card and used it only at Rendo, hacked again.  Now those that know about these things may well be able to explain many different ways that this can happen but another card that does not go online and is used for face to face purchases has remained secure.

 Wherever this problem is I know that as soon as I have spent my upcoming bonus for my purchases in March I am taking a three month break from buying anything here.   

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


Vaskania posted Wed, 25 March 2015 at 5:38 PM

If any of you are on wifi, also note that an unsecured connection (or even a badly secured one) can also be compromised, which can lead to a CC hijacking.

-----sig-----
Daz, Blender, Affinity, Substance, Unity, Python, C#


hornet3d posted Thu, 26 March 2015 at 5:22 AM

If any of you are on wifi, also note that an unsecured connection (or even a badly secured one) can also be compromised, which can lead to a CC hijacking.

I understand that and that is good advice but in my case the modem is not only password protected but it also runs a blacklist with the only exceptions being my PCs and Kindles.  In addition I also do all my banking online but never use my debit card for purchases, online or otherwise, just for ATM withdrawals.  My wife uses the same network and the only card that have been hacked are mine and only the ones used for 3D related purposes.  After the third occasion I only used the cards for purchases here at Rendo and I was hacked twice more.  I did however use the other accounts for Amazon purchases and they have stayed secure so far.  I am not blaming Rendo as I have no proof and so it would be wrong for me to do so.  Having said that it does seem a wise precaution for me to stop spending here for at least a few months.  Of course, if I take a break and then come back and I get hacked again, despite what anyone might say, my spending ban will become permanent.  To do otherwise be rather foolish under the circumstances.

One final thought, the people who post here are a small proportion of those who shop here, plus, I only found this thread after another thread I was interested in was moved from the Poser forum.  Given this information I wonder just how many people who shop here have had their cards hacked recently. 

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


Fredy posted Thu, 26 March 2015 at 6:48 AM

If any of you are on wifi, also note that an unsecured connection (or even a badly secured one) can also be compromised, which can lead to a CC hijacking.

...and all of us here in this thread have an unsecured connection? Come on! I for example are not shopping through Wifi, I have a closed network, firewall and whitelist (only devices I know are allowed in my network).

All the statements you can read in this thread point to major security issue here at Rendo. 


Vaskania posted Thu, 26 March 2015 at 9:21 AM

Kindly quote me where I said in exact words that it's not Rendo? You seem to have missed where I said IF and gave a possibility. Did I say it was a certainty? Did I say it was everyone?

Just because YOU'RE not shopping from an internet cafe doesn't mean someone else isn't. Good, great, I'm glad your shit's secure. Not everyone is tech savvy enough to Fort Knox their wifi.

I merely offered a possibility for those that MIGHT fit that situation. Please don't read more into it than that.

-----sig-----
Daz, Blender, Affinity, Substance, Unity, Python, C#


Cupcake posted Thu, 26 March 2015 at 9:37 AM

Well you can add me to the growing list as well.. My card was hacked just this Tuesday the 24th-25th. And I have the same list of shopping places as well,Rendo, Daz, RDNA, and Amazon.

I've caught two charges so far that seem to have made it through. One was a calling card service and another for airfare. So I have a claim to dispute them. But again, I now have to wait the 10 full business days for my new card to arrive.. This is the second time i have had this happen not even in a 6 month span. It's very disheartening. I keep checking my computer for any spyware, but I am getting nothing.


Fredy posted Thu, 26 March 2015 at 9:54 AM

Sorry, you're right Vaskania!
I have read more into your reply as you really stated. Sorry!

But to be honest an open Wifi is a VERY unlikely option for all the shit that is happening to Rendo's customers in this thread.

It would be nice to get some kind offical statement from Rendo's side about the current progress of their investigations and what they are doing to prevent something like this in the future.


Fredy posted Thu, 26 March 2015 at 12:13 PM

I just received the customer notice regarding this issue.

Thanks a lot, very much appreciated.


Maxidyne posted Thu, 26 March 2015 at 1:11 PM

After the notification I've been in contact with my bank and my card has been hacked too. I have to wait 7-14 days for a new card.You are right it is very disheartening, maybe I'll give online shopping a miss in future.


Lyne posted Thu, 26 March 2015 at 1:22 PM

Yes, I got the notice too... at least NOW I have more information to show my bank that it was indeed HACKED...it will help with my on-going "dispute" !  I have the $521 charge to EtheopianAir in UGANDA that slipped through before Visa called me on a declined $1000 charge. :(  I am STILL in the resolution of this charge... how CAN they believe I would charge such a thing?!  grrrrr!!  

I WILL USE PAY PAL AS A GATEWAY WITH A NEW CARD!!! THEY CAN NOT WIN!!!  I WILL SHOP!   

Life Requires Assembly and we all know how THAT goes!


hornet3d posted Thu, 26 March 2015 at 1:27 PM

Well you have a right to complain when something goes wrong but it should be balanced by praise when a company does something right.  Thank you Renderosity for being upfront and admitting that the Renderosity site had their security breached.  Not only that, they have given dates and tried to explain how it happened.  They could have kept their heads down and said nothing.  OK, the hacking was still annoying but it puts my mind at ease knowing that the this site was the source of the problem and that it has been dealt with.

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


Maxidyne posted Thu, 26 March 2015 at 1:31 PM

That's terrible Lyne, I'm waiting to find out if mine gets refunded. At £70 it's not as much as yours but money is money.


hornet3d posted Thu, 26 March 2015 at 1:34 PM

Yes, I got the notice too... at least NOW I have more information to show my bank that it was indeed HACKED...it will help with my on-going "dispute" !  I have the $521 charge to EtheopianAir in UGANDA that slipped through before Visa called me on a declined $1000 charge. :(  I am STILL in the resolution of this charge... how CAN they believe I would charge such a thing?!  grrrrr!!  

I WILL USE PAY PAL AS A GATEWAY WITH A NEW CARD!!! THEY CAN NOT WIN!!!  I WILL SHOP!   

I don't use Pay Pal due to the fact I have had that account hacked in the past and they were a lot harder to deal with than the banks.  On the other hand that was a few years ago now and they may be better on both fronts, I just don't want to take the gamble.

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


tyllo posted Thu, 26 March 2015 at 2:10 PM

Thank you for the NOTICE that Renderosity sent me today!  It explaines a lot what happened with my card...  BTW -I've got a new card from my bank.

Anyhow I'll avoid to make payments with it online, PayPal will be my first option for purchaising here.


cain97 posted Thu, 26 March 2015 at 2:16 PM

I'll take annoyance over theft any day.  Might be a pain to get a new card, but better that than having to get a new card and losing a hundred bucks like what happened to me previously.  (That money was eventually returned, but the inconvenience was very frustrating.)  Thanks to Renderosity for letting their customers know there is a problem.  I'll have to be more cautious. :)


Cupcake posted Thu, 26 March 2015 at 3:02 PM

Thanks for the Notice . I am glad that the breech was found and listed the dates in which it did occur. At least this gives some sort of relief to know where it originated from. I do believe PayPal will be implemented from this point out as a extra safe guard. So far I am 70 bucks in the hole, but the investigation is taking place so hopefully all will be resolved.

As for your situation  Lyne, I do hope they refund you every single amount.At least you now have concrete proof as to where it started from. Sending you best wishes in the recovery and refund as soon as possible.


markht posted Thu, 26 March 2015 at 5:32 PM

My credit card was used for two large unauthorized purchases on Mach 14th and 16th. It was the same credit card I used here for purchases on March 3rd, 9th and 14th. The March 16th purchase was flagged by my credit card company as possibly fraudulent and they contact me. They canceled that credit card and issued me a new one.

The March 16 transaction was rejected by the credit card company, but I may need to dispute the March 14th one if it makes it to the bill. We already told the credit card company it was fraudulent.

It is good to find out where the problem was and that it is now fixed. 


SAMS3D posted Thu, 26 March 2015 at 5:50 PM

Thanks for the notice, too bad I did not get this a week ago, my credit card was also hacked, now like the others I have an official letter to show the bank.  Such a pain. Again I appreciate the official letter. On my statement 6 charges of 300 and more, approximately 2000.00, I am in dispute for all charges. 


Chatjd posted Thu, 26 March 2015 at 7:22 PM

I received the notification but I guess I was one of the lucky ones as nothing was taken from my accounts, no fraudulent charges that could be found in my purchases.  However, to be on the safe side, I called the Bank (BofA) to ask them to cancel the card and issue a new one, with a new number.  The customer service representative was confused as he said that the Bank hadn't been notified of the breach, that he had never run across a site that notified the customers like this first before even the bank was notified of a potentially compromised card. 

So, kudos, Renderosity for going the extra step to give us notification so we could proactively protect ourselves from potential fraud.  I know it makes me more willing to purchase from here, knowing that our security is being taken seriously.


skip posted Thu, 26 March 2015 at 7:39 PM

I was hacked at also and I found out on Feb 27th.  I had to get a new card and whole thing

  I think they raided Steam punk so watch it out there folks. 

Skip 


hankstr posted Thu, 26 March 2015 at 7:53 PM

Count me is as hacked twice too.  I did a purchase here on Feb 23rd and again on March 3 with a new replacement card.  Both were hacked.  At that time I had no idea

the origin of the problem.  To be honest, I'm quite hesitant to purchase another product here after all that stress.  I like renderosity a lot but that was a huge headache for me.

hankstr 


torgas posted Thu, 26 March 2015 at 8:33 PM

Yep my CC was hacked as well.  Over $1300 was attempted to be charged at Walmart.com.  Luckily my CC Company realized what was going on and declined the transaction, and then notified me immediately asking if I was the person placing the transaction.  I told them I was not, and they have cancelled the card and are sending me a new one.  Though I guess I'm glad it was only the one transaction, which didn't go through.  All of this happened last week, and now today I receive the notice.  At least now I know what and how it happened, but I'm still disappointed.  I'm going to spend some time weighing whether or not to continue to do business with Renderosity, which is too bad since the vendors here are top notch.  If I do decide to continue I will only use Paypal going forward.  


keppel posted Thu, 26 March 2015 at 8:34 PM

Can someone please post a copy of the "Notice" that explains where/how this breach occurred.  This topic has been at the top of the thread board for numerous days now and now some sort of discovery/resolution has been found and there hasn't been any public statement made about it other than a reference to some "notification".

My Renderosity Store
Virtual Furnishing
My Portfolio



cypherfox posted Thu, 26 March 2015 at 9:33 PM

Greetings,

@keppel - If you go to your messages (the 'Sitemail' inbox icon at the top of the screen), there may or may not be a message 'Renderosity Customer Notice' in your inbox.  This was apparently sent to everyone who made a credit card transaction on 'Rosity during the period of February 9th and March 18th of this year, which was the vulnerability window.  If you didn't make a purchase during that time, you're likely in the clear.  They don't explain in any detail how/where the breach occurred; they don't store credit card numbers themselves, but apparently there was a way for the bad guys to pull the credit card information from the checkout process itself.  They've left that detail unclear, and it's reasonable as I don't think we need the technical details.  (As much as I, as a software security developer, would love to know the gory details, I very much understand that choice.)

But the important thing is that if you DON'T have that email, then you are likely not exposed.

Personally, I'm nervous, as I used my replacement card once on the VERY last day of that time frame. :(

--  Morgan


dml2000 posted Thu, 26 March 2015 at 9:36 PM

Only members who made purchases during Feb 9  to March 18th were notified, but there should be posted on the homepage in case emails were not delivered, or sent to spam.

I had only a single fraud charge of $600 to Best Buy Online and my card company blocked it and notified me within minutes. Four days later I got my Card and used it here only to find out the new card number may be in the wind as well..  for now I'll do a wait and see as no further attempts to use my card has been been made and I check my online account every other day.  I have been assured that any fraudulent purchases will not be charged to my account   


rty posted Thu, 26 March 2015 at 9:48 PM

I've had three cards hacked lately after using them here! First two were caught by the card issuer (AMEX), the last one by myself since I had put up safeguards (email alert for any purchase over $100). The three events were so close to each other I knew the problem could only be here, for I hadn't had the time to use the newly issued card anywhere else... Now I use Paypal. With the largest password possible (only 20 characters allowed, the darn idiots).

The "message" is a newsletter sent by Rendo today (at least for me), and it reads:

This correspondence is to notify you that Renderosity has concluded an investigation into unauthorized access to payment card data on our website. Unfortunately, our investigation found that between February 9th and March 18th of this year, there was an intermittent attack that resulted in the exposure of some payment card information to an unauthorized third party.

By policy, Renderosity does not store credit card information. However, the nature of this attack resulted in the capture of sensitive information during the check-out process itself. Only customers that used a payment card directly on the site during this time-frame were at risk. PayPal orders were not at risk.

Renderosity has since increased security for all of our production servers, implemented a new IDS (Intrusion Detection System) to insure real-time alerting and active response to such attacks going forward. In addition, we have engaged a third-party to perform a complete security analysis of our hosts and applications in addition to regular PCI (Payment Card Industry) scanning as required by our payment processor to be certain we have rectified all potential security issues.

Since you placed an order using your credit card during this time frame, we urge you to immediately contact the issuer of your credit card to have it replaced for your protection.

We want to emphasize that Renderosity takes the security of our customers very seriously. We sincerely apologize for this inconvenience and appreciate your continued support. If you have any additional concerns or questions, please feel free to contact store@renderosity.com and we will address them quickly and professionally.

Sincerely,

Tommy Lemon

Vice-President, Renderosity

I'm happy they eventually caught that problem. I sure hope they will be a little more vigilant in the future. Hacking paying systems is common nowadays, and there are only two kind of targets; The easy ones, and the very easy ones...


keppel posted Fri, 27 March 2015 at 12:11 AM

@rty

Thanks for posting the message.  This hacking didn't affect me as I don't use my credit card here hence why I didn't receive the message,  however due to the number of people this did affect and the indication that many responders would not be purchasing here with their credit card here again I would have thought Rendo would have come out on the front foot and made a public statement rather than just a message to those stung by the hackers.  With the Community Center Forum being a public forum and with this thread receiving 1299+ views I think an "Announcement" is warranted.

My Renderosity Store
Virtual Furnishing
My Portfolio



LilOne posted Fri, 27 March 2015 at 12:33 AM

Happened to my hubby too last week (seems someone bought bus tickets to an airport in Sweden via an on-line site!), although he did get a call from his bank before the Rendo e-mail.  Again, this happened just after a purchase he made on here, so there is something somewhere going on between events there.

Personally I never use my actual card online, but what my bank provides that they call e-card -- you specify allowed amount and a valid-until date -- but foremost PayPal.  Never had an issue with them, so can't say much about support or lack thereof, but I've had them for over 10 years now.


badbear posted Fri, 27 March 2015 at 1:37 AM

Gee Whiz I was reading Kristi mention of how secure and impossible it is to steal data ..

Hi Lyne,

We do not store credit card numbers in our database and after the number is entered, it gets heavily encrypted so it cannot be accessed.

We are very sorry this has happened to you and can assure you it did not happen on our site.

Warmest Regards,

Kristi

Renderosity Admin

Which is real funny cause I got an Email from them today that reads…….

This correspondence is to notify you that Renderosity has concluded an investigation into unauthorized access to payment card data on our website. Unfortunately, our investigation found that between February 9th and March 18th of this year, there was an intermittent attack that resulted in the exposure of some payment card information to an unauthorized third party.

* By policy, Renderosity does not store credit card information. However, the nature of this attack resulted in the capture of sensitive information during the check-out process itself. Only customers that used a payment card directly on the site during this time-frame were at risk. PayPal orders were not at risk.*

* Renderosity has since increased security for all of our production servers, implemented a new IDS (Intrusion Detection System) to insure real-time alerting and active response to such attacks going forward. In addition, we have engaged a third-party to perform a complete security analysis of our hosts and applications in addition to regular PCI (Payment Card Industry) scanning as required by our payment processor to be certain we have rectified all potential security issues.*

* Since you placed an order using your credit card during this time frame, we urge you to immediately contact the issuer of your credit card to have it replaced for your protection.*

We want to emphasize that Renderosity takes the security of our customers very seriously. We sincerely apologize for this inconvenience and appreciate your continued support. If you have any additional concerns or questions, please feel free to contact store@renderosity.com and we will address them quickly and professionally.

Sincerely,

* Tommy Lemon*

* Vice-President, Renderosity*

 

So it seems Mr. Lemon Disagrees

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


ItWasNotAvailable posted Fri, 27 March 2015 at 5:13 AM

Yes...I am relieved that it has finally been looked into properly as I was saddened by how this was handled so far. A whole month though between the first complaints and the constant warnings from the customers that it had to be here is a true shame, especially as I felt we weren't taken seriously. I hope we can speak about lessons learned on both sides now and move on.


IceEmpress posted Fri, 27 March 2015 at 6:42 PM

Also happened to me, with two credit cards.  The second card was only used on Amazon, Daz, and here, so it has to be one of those three sites.  Sorry, Rendo, but because I refuse to use the vile company known as Paypal, this breach means that I will never be shopping here again-- you've left me with no choice, which is heart-breaking, because there is so much good stuff here.


SydneyInPeril posted Fri, 27 March 2015 at 6:48 PM

I had my bank call me two weeks ago about attempted fraud on my card. Thankfully I only had the inconvenience of dealing with being without my card for a week and a half. On the other hand, I'm now getting calls on my phone from "card service" scammers. Two this week already. Now that they know there's a card associated with that phone number, they're trying to get a hold of the number again so that they can try to clean me out again.

Also, I noted that there was a mention of having a security audit done. Can we please have an announcement of when that's been finished, and the result and actions taken based on it?

BTW, I don't trust Paypal (they need to be regulated as a bank, because they effectively are)... and until I know the status of the security audit, I don't plan on using anything other than a prepaid gift-card here. (I'm actually considering just doing that online period.)


IceEmpress posted Fri, 27 March 2015 at 6:50 PM

Forgot to mention that my card was skimmed on the 23rd.  So anyone who used their CC here up to that date should check with their CC company for possible fraudulent charges.


Lyne posted Sat, 28 March 2015 at 12:02 PM

Everyone is going to have their FEELINGS about the trustworthiness of PAYPAL, banks, companies, and so on... the thing is my cards have been hacked by those hackers who get at orders DURING THE CHECK OUT PROCESS, AT ANY SITE, NOT JUST HERE.... and it HAS to be noted that while I have been "afraid" of PAYPAL for YEARS, they ARE the ONLY ones who (so far) have not been hacked...it DOES add a layer of "invisibility" to simply hook up a credit card to pay pal, and use them as a "gate way" TO your card, in checking out....it's like putting an "invisibility cloak" on your card! (NOT keeping any money IN paypal) so the process of checking out becomes hidden... I'm going that route...what other choice do I have? I WANT TO SHOP....so I have to FIGHT BACK and TRY.  It still COSTS to use a gift cert...?!

 Good luck everyone... !! It's an evil world with hackers in it...but we need to fight back. 

Life Requires Assembly and we all know how THAT goes!


Anglofdrknss posted Tue, 31 March 2015 at 10:39 AM

HI all. Just received and talked with someone at my credit card company. An individual/s tried to buy airline tickets with my card and they were denied. Also other things were denied that  I had bought just recently, (couple of books), so the operator and I went back two weeks,  this is still ongoing. I don't blame anyone except the person, (note I really restrained myself here), that did this. I hope they catch them. Thank you Rendo, for your recent email sent out also. 


IceEmpress posted Tue, 31 March 2015 at 4:34 PM

You didn't have to restrain yourself that much.  This isn't the DAZ forums-- things aren't so strict that you can't call the ass bastards who did this a few choice names.  Just have to keep all but the mildest profanities out of it :)

I have multiple problems with paypal-- someone mentioned that if someone manages to steal your CC AND get a hold of your paypal account, that it's incredibly difficult to clear things up with them, apparently.  They also have a terrible habit of shutting down your account if they think its activity looks suspicious, which doesn't take much.  When my mom and I have used it, they've tacked on hidden fees. 

I also agree with someone else in this or a similar thread that they need to be regulated as a bank-- as do all other online transaction companies based on the Paypal model.

I also take exception to the way that they put the burden on the seller/vendor side of the transaction, among other things that they do to the vendor.

They also have a nasty history with the treatment of NPOs and freezing their funds on a whim.  This is due largely to their "automated fraud monitoring system"-- this same system also hurts vendors.

Personally the only company I would use for e-transactions is Amazon-- my mom has used it a lot without problems, unlike with Paypal.  I would not expect Rendo to ever offer that as an option however as the company is completely inflexible on the vendor-end.


hankstr posted Wed, 01 April 2015 at 12:02 PM

Well you can add me to the growing list as well.. My card was hacked just this Tuesday the 24th-25th. And I have the same list of shopping places as well,Rendo, Daz, RDNA, and Amazon.

I've caught two charges so far that seem to have made it through. One was a calling card service and another for airfare. So I have a claim to dispute them. But again, I now have to wait the 10 full business days for my new card to arrive.. This is the second time i have had this happen not even in a 6 month span. It's very disheartening. I keep checking my computer for any spyware, but I am getting nothing.


hankstr posted Wed, 01 April 2015 at 12:03 PM

Is it safe to purchase again on Renderosity with a CC?  Has the problem been totally resolved? 


hornet3d posted Wed, 01 April 2015 at 12:57 PM

Is it safe to purchase again on Renderosity with a CC?  Has the problem been totally resolved? 

Who really knows, but I can say that I have used my third card here at Rendo after the date mentioned in the message and it is all fine so far.  In the past I was hit within 24-48 hours after using it here.  That said I am still sticking with the idea of making a big dent in my wish list with my render rewards this month and than giving Rendo a break for three months.  As I said in another thread, Rendo will not miss my spend but the $200 - $300 I will save will go some way in making up for all the time I wasted dealing with fraud departments in the last few weeks.

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


Fredy posted Wed, 01 April 2015 at 2:06 PM

I for myself will never use my standard credit card again here at Rendo. I had too much trouble and I still have to fight for 800 Euros with my credit card company due to the lack of security in the last weeks here. Maybe Paypal, maybe a prepaid card with a low amount of money, but normal credit card, never. 


drifterlee posted Wed, 01 April 2015 at 5:41 PM

My card was hacked and the new card they gave me was hacked immediately. What a mess!!!! I only download from Rendo and haven't even been online much. Now I have a nasty virus on my two main art PCs. It shutdown my virus scanner and wiped Windows system restore points off the PC. Now I have to reformat my two PCs. Luckily, all my runtimes are on an external drive that did not get infected. It's been one nasty thing after the other. I am really upset.


drifterlee posted Wed, 01 April 2015 at 6:02 PM

Unfortunately, my PayPal account is now locked, too.


cheesywests posted Thu, 02 April 2015 at 6:12 AM

Hello,

its very bad, but change all passwords between 7 days. and keep safe passwords.

thanks,

http://www.thecheesyanimation.com/Interior-Design-&-Rendering.html


JohnDelaquiox posted Thu, 02 April 2015 at 10:38 AM

I just want to say thank you to the Renderosity Staff for not only providing one of the most unpleasant but now insecure shopping experiences on the internet. Thank for the inconvenience of having my only card hacked leaving me unable to buy anything, pay any of my bills, and now having to wait a week for a replacement. Thank you for making me feel like I can no longer trust your site.Thank you for the late fees I now have to face. Thank you for always knowing just how to make me feel unwelcome on your site. Thank you for always knowing how not to make me feel like a valued customer of several years. Thank you for never taking responsibility for when you have done something wrong. Thank you for never fixing any of the problems your site has had over the years.


dorothym posted Thu, 02 April 2015 at 6:43 PM

Let me add to the list.  I was hacked too!  

I now have been getting weird text messages on my phone and phone calls in the middle of the night from these people who stole our credit info.  Now I have to change my phone number.  Has anyone else experienced this?

Anyways, I don't think I will trust this site to make a purchase again, especially if others here have stated that they have had this happen to them more than once.  No biggie to them because I'm not a big spender here anyways.


hornet3d posted Fri, 03 April 2015 at 4:30 AM

Let me add to the list.  I was hacked too!  

I now have been getting weird text messages on my phone and phone calls in the middle of the night from these people who stole our credit info.  Now I have to change my phone number.  Has anyone else experienced this?

Anyways, I don't think I will trust this site to make a purchase again, especially if others here have stated that they have had this happen to them more than once.  No biggie to them because I'm not a big spender here anyways.

I had two cards done and then one of the new cards was hacked again, so three hacks in all.  I fairness I do, sorry did, buy a lot of stuff here and all of the hacks happened in the time scale they have announced. 

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


drifterlee posted Sat, 04 April 2015 at 12:00 PM

i also got a bad virus the same time. I noticed that after my card was hacked my internet connection slowed way down. Then my virus scanner was disabled and my PC started to act like a virus was on it. I disconnected it from  my home network, but not before the virus jumped to my other desktop PC. Luckily it didn't get onto my laptop. Now I have to reinstall Poser, Vue and all my other progs. I never visit bad web sites, only Rendo, Daz, Amazon, RDNA and MSN.com. I think the virus came from the hack at Rendo. Now I'm afraid to buy anything. I also have to wipe my drives. This is awful!!!!!!!


hornet3d posted Sat, 04 April 2015 at 1:42 PM

Well I must admit my computer has started to blue screen on a regular basis but I can't see how that was related to the hack and I have been not been able to find any virus. 

On a brighter note I have now used my April Prime Voucher and last months render rewards to eat into my wish list.  My intention now, unless there is product that I feel I must have, that is it for the next three months.  Now all I need to do is keep my fingers crossed that this order made it through securely this time, guess I will know in a day or two.  

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


ionious2 posted Sun, 05 April 2015 at 4:55 AM

Well you may have answered a puzzle for me. My credit cards were hacked 3 times during the period stated which I have put down to Rendo as I was buying frequently at the time. More worryingly my computer keeps going down with blue screen since the hacks, I have virus scanned lots of times, but cannot find the problem, now I am really scared.  


FrankT posted Sun, 05 April 2015 at 1:08 PM

try malwarebytes - it's pretty good at finding gremlins and removing them and it's free

My Freebies
Buy stuff on RedBubble


IceEmpress posted Wed, 08 April 2015 at 10:35 AM

^^Since when is it free?  Isn't it like 200 bucks per year?  There's a free 30-day trial, but that's it.


wimvdb posted Wed, 08 April 2015 at 12:45 PM

since forever. Free for home use


FrankT posted Wed, 08 April 2015 at 2:07 PM

what Wimvdb said.  I have had it installed on several PCs for ages and never paid anything for it

https://www.malwarebytes.org/mwb-download/ Right hand column is the free one

My Freebies
Buy stuff on RedBubble


okolb posted Wed, 08 April 2015 at 7:04 PM

My credit card was hacked here on Renderosity during payment. It took Renderosity about 4 weeks to find out and another 6 days to notify me. It was too late to block my CC.

So someone went shopping with my CC for about 700 EURO. Congratulations Renderosity! I could have bought a lot of stuff here but now I will stop using this shop.

okolb


Banaman posted Tue, 14 April 2015 at 7:01 AM

I have been hacked on 2 cards here.

I am mad at Renderosity and the hackers.


hornet3d posted Sat, 18 April 2015 at 9:29 AM

My credit card was hacked here on Renderosity during payment. It took Renderosity about 4 weeks to find out and another 6 days to notify me. It was too late to block my CC.

So someone went shopping with my CC for about 700 EURO. Congratulations Renderosity! I could have bought a lot of stuff here but now I will stop using this shop.

okolb

Now that is a real pain and you have my sympathy.  The fraud detection systems were up to speed in my case and I each case the C/C company noticed the fraudulent activity within 24 hours and most of the large amounts were declined.  On the other hand two relatively small amounts did get through and while the C/C company was helpful it is only in the last few days that I have had it confirmed that my account will be credited with the full amount. What with all the other stuff going on Rendo it has certainly not been a fun place to be for the most part of this year so far.  I would say 'smile,things could be worse' but I am afraid to smile and thus insure things get worse.   On the plus note Rendo has done little to make me smile for quire a while so they are doing their bit.

 

 

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


PAnn posted Sun, 19 April 2015 at 12:05 PM

I have been hacked 3 times now since last September.  Only same purchases were here or Amazon and after getting notice sent out from Renderosity, I figure they might have been here then. The first two were testers for small amounts that the credit card company called me about but the third was for $1,000 worth of shoes and unfortunately I had to find that one and report it as fraud.. I got that straightened out and removed from my account but now my card is on watch for any other funny transactions.  May I make the suggestion of getting a small balance credit card from a store that offers them or some other entity other than your bank. I went with a major chain store and that way they have no access back to my bank accounts. Since  my fourth new card, I haven't shopped here other than a small purchase with Paypal. Frankly I am getting tired of getting calls and cancelled cards and now each one of the attacks on my card was done with the new number I had just been given............so someone is still watching somewhere and snatching because my third card only lasted 2 weeks before it had to be cancelled.  So beware.......don't know what can be done to keep safe anymore..........


hornet3d posted Sun, 19 April 2015 at 1:36 PM

I have been hacked 3 times now since last September.  Only same purchases were here or Amazon and after getting notice sent out from Renderosity, I figure they might have been here then. The first two were testers for small amounts that the credit card company called me about but the third was for $1,000 worth of shoes and unfortunately I had to find that one and report it as fraud.. I got that straightened out and removed from my account but now my card is on watch for any other funny transactions.  May I make the suggestion of getting a small balance credit card from a store that offers them or some other entity other than your bank. I went with a major chain store and that way they have no access back to my bank accounts. Since  my fourth new card, I haven't shopped here other than a small purchase with Paypal. Frankly I am getting tired of getting calls and cancelled cards and now each one of the attacks on my card was done with the new number I had just been given............so someone is still watching somewhere and snatching because my third card only lasted 2 weeks before it had to be cancelled.  So beware.......don't know what can be done to keep safe anymore..........

In the time period admitted to by Rendo my cards were none three times but if you are going back as far as September then I have been hacked five times in total.  The other two cards were only used here and at Amazon.  However I have other cards I use at Amazon and they were not hacked only the ones used there and here. Although I have no proof I do suspect that all the hacks were due to this site.  So far I have reduced my spending here by around 75% and I am looking to reduce it further.  If the card I am using here gets hacked again (it is only used here) I will end my spending completely.  Although, considering what is happening here, that might happen anyway. 

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


dorothym posted Mon, 20 April 2015 at 6:17 PM

Hornet3d..really 5 times?  Wow!  Why hasn't Renderosity done something about this?  


Nosiferret posted Sun, 26 April 2015 at 9:23 PM

You know a few years ago there was a rash of spam emails that was hitting people. The kind that said they had a wealthy client who needed to give away his massive fortunes, etc. For weeks we went around and around with Renderosity about there being a leak and they kept saying the same old story: Our servers are secure, there have been no hacks, I had created a new email and let it sit dormant for a few weeks, had nothing hit it so I assigned that email address to my Rendo account and suddenly within like 2 days I was getting spammed with scam messages.....and then I think about 2 months after it had all started Rendo finally admitted that there had been a break in and information was taken. I just remembered how so up front in our face they were about how it wasn't on their end, beating on the their system was safe and secure drum.

If you don't keep up on your security, you're going to get hacked. Too many businesses don't spend the $$ on keeping their systems updated and they run with outdated operating software, because it's cheap...and low lives out there are always picking and poking around to find a weakness and once they get in....this  happens.  Yesterday it was emails, today credit card information. I would like to see businesses held accountable for peoples losses because of their lazy IT habits. 

I agree with others that there should have been a front page article on this subject. Because if I hadn't been bored this evening, and just scrolling around, I would not have seen this thread. I get a lot of mail on the email address I use for this site, and I found this message in Promotions tab with Chrome which files emails based on how merchants sends them out...so way to go Rendo. Why not send a message to my Renderosity site mail instead? After all what is site mail for? 


IceEmpress posted Tue, 28 April 2015 at 1:20 PM

There are still some things I really want here...  I've been thinking of getting a low limit CC for use just on this site, since someone mentioned in one of the threads that his antivirus told him that unlike RDNA and Daz, this site wasn't secure.  That way, if it gets hacked again, it won't be much of a loss.  That said, just in case I do decide to shop here a little again, my wishlist is a shadow of its former self-- from 1700 to 400 bucks, and only stuff that I really want.

(Before anyone says anything, I REFUSE to use Paypal-- it's very user and merchant unfriendly, plus unethical)

Oh, gosh, Rendo did another site update?  At least it doesn't appear to have affected the free stuff page so far...  Though I haven't tried the search function there, yet.


SydneyInPeril posted Wed, 06 May 2015 at 8:32 AM

Yeah, I pretty much decided I'm done here for a while. I had to have my card reissued (my bank was really damned well on top of this), and when I questioned whether Rendo did enough, I got the "we did more than the law requires".

Yeah. I still don't feel good about the way this was handled, and it's too late now to actually publicly announce it.


hornet3d posted Mon, 11 May 2015 at 5:31 AM

Yeah, I pretty much decided I'm done here for a while. I had to have my card reissued (my bank was really damned well on top of this), and when I questioned whether Rendo did enough, I got the "we did more than the law requires".

Yeah. I still don't feel good about the way this was handled, and it's too late now to actually publicly announce it.

What I find so strange is that, on so many other issues Renderosity seems to be pushing a very ethical line, or it least that is what I perceive by the TOS for the galleries and the like. That being the case the defense of "we did more than the law requires"  is a cop out.  It is like saying we are against violence and many forms of nudity but we sort of support fraud.  Even if the users here get the fraudulent c/c charges refunded the companies themselves will be left picking up the tab for all those flights and flat screen TV's and while I don't have a great deal of sympathy with the credit card companies, Rendo's response seems to be close to being morally bankrupt. 

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


SydneyInPeril posted Thu, 14 May 2015 at 9:34 PM

And to add insult to injury, I'm fairly certain that the criminals got my phone number as well; The past couple of months I've had 1-2 calls a month from scammers offering to "service" my credit card. I've never had it happen until I needed my card replaced, and I'm pretty damned sure it's because "hey, this phone number, the owner has a credit card too".


hornet3d posted Fri, 15 May 2015 at 4:39 AM

And to add insult to injury, I'm fairly certain that the criminals got my phone number as well; The past couple of months I've had 1-2 calls a month from scammers offering to "service" my credit card. I've never had it happen until I needed my card replaced, and I'm pretty damned sure it's because "hey, this phone number, the owner has a credit card too".

Just after I was hacked for the second time I had a notification that my password had been changed.  I immediately contacted the company involved and they informed me that the person doing the change needed to have personal information as well as the credit card details.  We added extra security at the time and within days I had a phone call from the company saying someone had called pretending to be me, thankfully they failed the extra security.   As to phone calls I really don't know as I never answer the phone, if it is family they know to either leave a message or email me.  The statement from Rendo said they did not keep credit card information but that information had been passed to an 'unauthorised third party' during the order process. I read that, rightly or wrongly, to mean any information Rendo has on me which includes my phone number so I would not be at all surprised if we are not all on a target list somewhere.  More upsetting I don't think Rendo really understand the impact this has had on their customers.  OK, they have owned up and closed the leak, we hope, and they have moved on while many of us are still dealing with the consequences.

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.


SydneyInPeril posted Fri, 15 May 2015 at 8:07 AM

As to phone calls I really don't know as I never answer the phone, if it is family they know to either leave a message or email me.  The statement from Rendo said they did not keep credit card information but that information had been passed to an 'unauthorised third party' during the order process. I read that, rightly or wrongly, to mean any information Rendo has on me which includes my phone number so I would not be at all surprised if we are not all on a target list somewhere.  More upsetting I don't think Rendo really understand the impact this has had on their customers.  OK, they have owned up and closed the leak, we hope, and they have moved on while many of us are still dealing with the consequences.

I still don't think they've "owned up", I'm afraid. Yes, they messaged those affected... but it should have been public, front page, "we've been hacked, added extra security" announcements. But yes, I don't think they truly understand the impact it's having on us. I was already one of those that doesn't answer when the number is unrecognized, and I'll try to look it up online while the phone is still ringing (which is how I know one of them is the credit card "service")... but it's adding reinforcement to that behavior with this having been added to the calls I get.


dorothym posted Fri, 15 May 2015 at 7:24 PM

I had to change my phone number because I got a ton of calls from different phone numbers and text messages from people I didn't know.  

I wonder how many people would stop buying here if they were aware of what has happened.


hornet3d posted Sat, 16 May 2015 at 4:17 AM

As to phone calls I really don't know as I never answer the phone, if it is family they know to either leave a message or email me.  The statement from Rendo said they did not keep credit card information but that information had been passed to an 'unauthorised third party' during the order process. I read that, rightly or wrongly, to mean any information Rendo has on me which includes my phone number so I would not be at all surprised if we are not all on a target list somewhere.  More upsetting I don't think Rendo really understand the impact this has had on their customers.  OK, they have owned up and closed the leak, we hope, and they have moved on while many of us are still dealing with the consequences.

I still don't think they've "owned up", I'm afraid. Yes, they messaged those affected... but it should have been public, front page, "we've been hacked, added extra security" announcements. But yes, I don't think they truly understand the impact it's having on us. I was already one of those that doesn't answer when the number is unrecognized, and I'll try to look it up online while the phone is still ringing (which is how I know one of them is the credit card "service")... but it's adding reinforcement to that behavior with this having been added to the calls I get.

'Owned Up' may not be the right term but it least it was something I could supply to my credit card company so they could see I had ordered from Rendo in the time frame stated in the announcement.  They were then willing to refund the fraudulent transactions so I had no financial penalty but there was still a lot of time and grief caused by the security breach.

 

 

I use Poser 13 on Windows 11 - For Scene set up I use a Geekcom A5 -  Ryzen 9 5900HX, with 64 gig ram and 3 TB  storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadipper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU .   The desktop is in a remote location with rendering done via Queue Manager which gives me a clearer desktop and quieter computer room.