log in or register to remove this ad

 

Rpgnow creditcard information stolen


log in or register to remove this ad


DanMcS

Explorer
Nightfall said:
Dan,

Uhm because people want free money? ;)

By "they", I meant "rpgnow". They don't actually need free money, they take a cut of pdf sales :p

Looks like the first thread I linked to has been pulled. Basically, a guy googled his own name, and got a hit to a page which is cached in google which had the name and credit card he had used to purchase stuff from rpgnow or rpgshop.

He reported he could google for his credit card number and get a hit as well, but that's a really bad idea, because any number of proxies, http referrer logs, etc will then have your credit card number in them, since your query to google is sent in plain text. So don't google your credit card number.
 

Nightfall

Sage of the Scarred Lands
Oh I thought you mean steal not store...

Anyway if they don't they don't know where the money is or even if it exists.
 

catsclaw227

First Post
DanMcS said:
Reported on rpg.net, and confirmed by Steve Wieck. I wonder why they store creditcard numbers at all.

This sucks, for sure. I just logged into rpgnow and they don't seem to have a place to edit/modify your credit card data via the My Account console. Is this normally only available during checkout?

I can't remember if they have my credit card data, and I don't know which card I used. I hope we find out soon.

And I also wonder if, in the merger, the credit card data was combined between RPGNow, DTRPG and Enworld Gamestore. That would really suck if all three were now affected.
 


catsclaw227

First Post
Unbelieveable!!! I just googled my name and I got a cached page from some hacker site that showed a TON of credit card numbers, addresses, and names from rpg now.

You won't believe how many there are. WHO CAN I CONTACT ABOUT THIS?!?

It says it was cached on Google on Nov 23rd 2006, so the numbers have been available since then.
 

DanMcS

Explorer
catsclaw227 said:
Unbelieveable!!! I just googled my name and I got a cached page from some hacker site that showed a TON of credit card numbers, addresses, and names from rpg now.

You won't believe how many there are. WHO CAN I CONTACT ABOUT THIS?!?

It says it was cached on Google on Nov 23rd 2006, so the numbers have been available since then.

Google has a contact page. Report the search you used and what you found in their cache, and ask them to remove it.

RPGnow already knows, obviously.

Check that credit card carefully for unwanted charges; contact the CC company itself via their phone help or something for advice about what to do. You may want/need to cancel that number and get a different one issued.
 


JEL

First Post
catsclaw227 said:
Unbelieveable!!! I just googled my name and I got a cached page from some hacker site that showed a TON of credit card numbers, addresses, and names from rpg now.

You won't believe how many there are. WHO CAN I CONTACT ABOUT THIS?!?

It says it was cached on Google on Nov 23rd 2006, so the numbers have been available since then.

Your best course of action is to call your card issuer and have them cancel that account right away (be sure to explain why you're doing it). Then go back through your statements to make sure you don't find any unaccounted for purchases. If you do, then report these to your issuer as well (likely you'll get your money back).
 


Olaf the Stout

Adventurer
DaveMage said:
I don't see my name on any hacker site.

Good luck with getting things straightened out, catsclaw!

I Googled my name too, just in case. My name is only on 3 sites that I could see and I know exactly what all of them are.

Olaf the Stout
 

JEL

First Post
DanMcS said:
Reported on rpg.net, and confirmed by Steve Wieck. I wonder why they store creditcard numbers at all.

Not sure why they would; it doesn't make a lot of sense unless they had people buying stuff in installments. Storing card numbers is allowable, but there are some very strict rules on keeping the information secure. They can be looking at some stiff fines from Visa and Master Card and likely losing their ability to accept credit cards, if they're found to be at fault.
 

Festivus

First Post
What you should do is put a fraud alert on your credit account if you are one of the affected. I recently got one of those letters due to California law stating you must notify someone if their data has been compromised. It is painless and took me about 5 minutes to accomplish.
 

catsclaw227

First Post
I've already send something to Google as well as RPGNow. I hope this is the same page of information that they already know about, and it isn't another cached page.

I haven't had any erroneous charges on my credit card yet, but you can bet your sweet sister that I am gonna get this card cancelled. I feel bad for the other people on this (rather large) list....
 



catsclaw227

First Post
JVisgaitis said:
I tried Googling my name. Its a nightmare wading through everything. I'll just hope I'm not on that list...

I had a lot of entries too, so I googled my name and rpgnow -- after the various reviews, I found the offending page.
 

Morrus

Well, that was fun
Staff member
catsclaw227 said:
And I also wonder if, in the merger, the credit card data was combined between RPGNow, DTRPG and Enworld Gamestore. That would really suck if all three were now affected.

EN World GameStore was not part of the merger; it was merely closed. And ENGS didn't store cc info at all.
 

Nightfall

Sage of the Scarred Lands
*pats Morrus on the head for trying to be the voice of reason in this semi-storm of insanity*

I'm just glad I have no money for them to steal. Honest fellas! :D ;)
 

An Advertisement

Advertisement4

Top