Rpgnow creditcard information stolen

rpghost said:
So why alarm everyone over something that isn't a concern?
Click to expand...

Because that is the ethical thing to do.

It's not your call whether it is a concern or isn't; that's for your customers to determine for themselves. Your customers should be told there was a breach in security. They should have that right. Will it cost you business? Probably. But the shady way you're handling this by not informing ALL of your customers about a breach in security is going to hurt more.

I know I won't be dealing with you, just for the fact that you can't seem to fathom why your customers have a right to know their personal information might have been stolen. And what about those people who no longer maintain the particular email address you had on file? They have no way of knowing their information might have been stolen. Especially since there's no notice on your homepage.

What you should be doing is posting a notice on your homepage that explains what happened, when, who is affected, what steps they should take, what steps you have taken, and what actions have been made to prevent it from happening again. What you shouldn't be doing is trying to sweep it under the rug and make it go away as quickly as possible just so your sales don't suffer.

Do the right thing.
 
Last edited:

log in or register to remove this ad

Ogrork, they did the right thing. They identified the people who might be affected by this and contacted them directly via email. Putting something on their site would be counter-productive as the affected people aren't likely to see it unless the happen to go there, and just serve to scare the folks who are not affected.

What's been done is done, and James had handled this well. If you can't see that, I'm sorry.

Now, can this move on, please. If you have any further issues please take it up with RPGNow directly.

Thank you.
 

greywulf said:
Now, can this move on, please. If you have any further issues please take it up with RPGNow directly.

Thank you.
Click to expand...

Excuse me.

Are you a mod?

Because otherwise, this is apparently the ONLY place I can talk about this with other people who've been directly affected, and so far, the discussion has been extremely helpful to me as somebody who made a VERY large purchase there about the time of the hack.

So I'd appreciate it if you would kindly STOP trying to tell people NOT to discuss this, because this affects me directly and while you have every right to forgive and forget if something affects you, that right does not create any obligation to do the same on my part.
 

:blink:

No. I'm not a mod. Why? Do I need to be to ask politely that folks contact RPGNow if they have greivances.

By all means, discuss away. I'm not going to tell you to do anything.

The mood this thread is in, I doubt folks would listen anyway.

:sigh:
 
Last edited:

Ogrork the Mighty said:
I know I won't be dealing with you, just for the fact that you can't seem to fathom why your customers have a right to know their personal information might have been stolen.
Click to expand...

Is that not what they did?
If one did not tell the software to save the credit card information, it would not have been saved and therefore could not have been stolen. They've said more than once that they only stored that information upon request, and they sent an email to every email account listed on every account that ever used that option.

And what about those people who no longer maintain the particular email address you had on file? They have no way of knowing their information might have been stolen.
Click to expand...

If you let your contact information go out of date, then you are cutting off the channel for the person you gave the contact info to use to contact you.
If I move and don't let my bank know, I can't blame them for not getting my statements to me.

And if the email got blocked by an ISP-side spam filter, I don't see how that's RPGNow's fault either.
 
Last edited:

rpghost said:
And as of now, neither does RPGNow. So why does that make your site more safe then RPGnow?
Click to expand...
Err, you were the one who said that a site using a version of OScommerce was inherently insecure. Joe was just pointing out that CC information would never be at risk with them (and likewise, it will no longer be at risk with RPGNow either).
 

Toccata said:
If you let your contact information go out of date, then you are cutting off the channel for the person you gave the contact info to use to contact you.
If I move and don't let my bank know, I can't blame them for not getting my statements to me.

And if the email got blocked by an ISP-side spam filter, I don't see how that's RPGNow's fault either.
Click to expand...
Welcome to the club of excuse makers. :\
 

molonel said:
Excuse me.

Are you a mod?
Click to expand...
He is not, but I am. This is certainly a sensitive subject, and some amount of temper is understandable - all the more reason to ask for civil and respectful posts. Kindly take up further concerns with RPGnow directly and leave the motive-discerning off these boards.
 

greywulf said:
Ogrork, they did the right thing. They identified the people who might be affected by this and contacted them directly via email. Putting something on their site would be counter-productive as the affected people aren't likely to see it unless the happen to go there, and just serve to scare the folks who are not affected.
Click to expand...
My card number has been stolen (fortunately, I realized and canceled the purchases in time). I did not receive any email (perhaps due to spam filters, I don't know). I didn't hear of this until I chanced upon this thread, and I do desire to know how was it my number was stolen and why. Had I not been using ENWolrd, I would never have heard of this - unless RPGNow posted an announcement on their front page.

In other words, SOME of the affected people would have seen a message on their site, and SOME of them wouldn't receive the email (for various reasons). If only for them, it would have been better for RPGNow to make such a message.

Regardless, I consider putting out a message that you've been hacked as the responsible thing to do.
 

James, while I can understand RPGNow's reluctance to put up a huge announcement on the front page, there doesn't seem to be any information about the problem anywhere on the RPGNow site.

Surely it would be sensible to at least have some information about the problem somewhere on the site, so that customers who are worried can get more information about what happened, or at least know who to contact at RPGNow if they have questions about their particular account details?

It seems a little odd that right now, the only place for anyone to get more information about the problem is on third-party web sites. I know that if I'd been affected, I'd want to be able to check the facts directly with RPGNow, and not have to rely on other messageboards for information.

Just a suggestion...
 

Similar Threads

Abstruse
Steve Jackson Games Releases Stakeholder Report for 2023
2 3 4
Replies
31
Views
8K
Wofano Wotanto
W
Christian Hoffer
Daggerheart Release Date Revealed
5 6 7 8 9
Replies
83
Views
15K
zedturtle
zedturtle
Morrus
Modiphius' Discworld RPG Has A Quickstart And A Trailer--And It's Very Pratchett!
Replies
1
Views
5K
Anon Adderlan
Anon Adderlan
MGibster
Are Game Lines Smaller Today?
2 3 4 5 6
Replies
50
Views
2K
aramis erak
aramis erak
Abstruse
Roll20 Hacked, Customer Information Possibly Exposed
Replies
3
Views
6K
Daraniya
D
Remove ads

Top