1. Guest,
    If you need help getting to know Xenforo, please see our guide here. If you have feedback or questions, please post those here.
    Dismiss Notice

WARNING - your Deep Discount DVD are not secure!

Discussion in 'Bargains and Deals' started by Tony J Case, Oct 9, 2004.

  1. Tony J Case

    Tony J Case Well-Known Member

    Joined:
    Mar 25, 2002
    Messages:
    2,225
    Likes Received:
    333
    Since this was pretty well summed up, I'll just copy and paste it here:

     
  2. Qui-Gon John

    Qui-Gon John Well-Known Member

    Joined:
    Oct 2, 2000
    Messages:
    3,527
    Likes Received:
    0
    My god, this is true. I just went to the website and wasn't even logged in. I clicked LOGIN and without prompting me for password or anything, it said "Hello Kevin" and I could also see this other persons details.

    I'll bet their site was hacked.
     
  3. Christopher D

    Christopher D Well-Known Member

    Joined:
    Oct 16, 2000
    Messages:
    283
    Likes Received:
    0
    Yeah, I'm apparently Kevin too. I'm not logging in until this gets fixed, because I'm really not interested in having everyone be "Christopher".
     
  4. Harold Wazzu

    Harold Wazzu Well-Known Member

    Joined:
    Oct 1, 2003
    Messages:
    885
    Likes Received:
    0
    Holy crap, I was able to do it as well. If I had an account there I'd be cancelling my credit card that I had filed with them for sure.
     
  5. Michael Cucka

    Michael Cucka Well-Known Member

    Joined:
    Dec 8, 1998
    Messages:
    154
    Likes Received:
    0
    This seems to be fixed now - the log-in screen asks me for information to proceed.

    I'm using Safari on a Mac, if that makes a difference.
     
  6. george kaplan

    george kaplan Well-Known Member

    Joined:
    Mar 14, 2001
    Messages:
    13,064
    Likes Received:
    1
    It's not fixed.

    I just went there (I've never been there before, I've never used this place), and hit the login button. "Welcome back David", along with all his info and his password already typed in, etc.

    Bad, bad news for people who do use that site. [​IMG]
     
  7. Lynda-Marie

    Lynda-Marie Well-Known Member

    Joined:
    Jun 3, 2004
    Messages:
    762
    Likes Received:
    0
    Thanks for the warning, Tony. A site I will NEVER allow to tempt me!
     
  8. BradyB

    BradyB Well-Known Member

    Joined:
    Dec 17, 2000
    Messages:
    82
    Likes Received:
    0
    Damn, I just tried aswell and was able to get into some poor fellow named James' account from Virginia. I tried again and got the account of "DDD Sux".

    As a customer of DDD, I have sent them a furious email. Hopefully they take the site down now until the problem is fixed!
     
  9. Kyle McKnight

    Kyle McKnight Well-Known Member

    Joined:
    Mar 8, 2001
    Messages:
    2,515
    Likes Received:
    0
    Yah, I'm Neil & David so far. OH and get this, now I'm "Hello Compromised by DDD" AND "DDD Sux". I'm sure someone has thought of calling them, but just in case, I'm on hold right now.
     
  10. Kyle McKnight

    Kyle McKnight Well-Known Member

    Joined:
    Mar 8, 2001
    Messages:
    2,515
    Likes Received:
    0
    OK. They said they are aware of it, couldn't offer an explanation, and are in the process of shutting the site down right now. It seems a lot of people have called, the first thing the lady said when coming on the line was "Thank you for calling DDD, are you calling about the website?"
     
  11. ChrisBEA

    ChrisBEA Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    1,657
    Likes Received:
    0
    I just went there and it is prompting me for login information.
    I haven't logged in, but at least it isn't giving me someone else's name!
     
  12. george kaplan

    george kaplan Well-Known Member

    Joined:
    Mar 14, 2001
    Messages:
    13,064
    Likes Received:
    1
    What's great about that site though, is the integrity of the people running it. They now have the following message there: No, warning that we've been hacked, no "make sure your credit card info hasn't been compromised", simply a misleading statement to those who don't know about it. Seems like a really bone-headed move to me. Which would you trust more? A site that's been hacked and is up-front about it, or a site that tries to hide from their customers the fact that their credit card info might have been stolen. [​IMG] [​IMG] [​IMG] It's not like the other customers aren't going to find out about this, and they're going to be a lot more pissed about being lied to than anything else.
     
  13. StephenL

    StephenL Well-Known Member

    Joined:
    Nov 21, 2000
    Messages:
    341
    Likes Received:
    0
    I use a credit card with software that generates a unique credit card number for each online transaction. The number on my credit card is never revealed. You can use a web-based service or install PC software.

    Discover Card has a service called Deskshop:
    http://www.discovercard.com/deskshop/

    MBNA has a service called Shopsafe for Visa and Mastercard:
    http://www.mbna.com/creditcards/index.html
     
  14. alan halvorson

    alan halvorson Well-Known Member

    Joined:
    Oct 2, 1998
    Messages:
    2,021
    Likes Received:
    0
    Site was down for me at this moment - all I got was an Error Occurred While Processing Request message.
     
  15. Mark_TS

    Mark_TS Well-Known Member

    Joined:
    Mar 23, 2000
    Messages:
    1,708
    Likes Received:
    5
    I believe this may be the second time for them.

    Once about a year ago my bank called me telling me they had cancelled and reissued my card with a new number on an advisory.
    They would not say WHO it was , but I immediately suspected DDD as they were about the only web site I dealt with on that card.
     
  16. GarySchrock

    GarySchrock Well-Known Member

    Joined:
    Feb 28, 2003
    Messages:
    294
    Likes Received:
    0

    Of course, that wouldn't be a true statement either from what I can see. From what was described, it sounds far more like a bug than being hacked. That said, I'd hope they'd eventually email people whose accounts were accessed, but I don't know that it's necessary for everyone to be notified.
     
  17. MattGentry

    MattGentry Well-Known Member

    Joined:
    Apr 22, 2003
    Messages:
    257
    Likes Received:
    0
    I'm willing to bet things like this happen to various websites over the course of their being online. Sometimes, such as in this case, we find out about it. Others, I'm sure, we don't find out about and as such, don't worry about.

    Without someone posting this info, most people wouldn't be aware of it.

    The site itself is a great site. For me, the process of buying it there is quite a good deal cheaper than me driving nearly 40 minutes to the closest store, buying it (usually a dollar or two more than the site, as well as paying tax on top of that extra dollar), etc.

    So, price, tax, gas, time all factored in, I usually pay about five dollars more than buying it online. Their customer service has always been top-notch when I've dealt with them, and as such, I've been led to believe they are a good site.

    One problem such as this will not lead me to stop buying from them...
     
  18. george kaplan

    george kaplan Well-Known Member

    Joined:
    Mar 14, 2001
    Messages:
    13,064
    Likes Received:
    1
    Is it OK if I order a bunch of stuff with your info if I go there and it says "Welcome Back Matt"? [​IMG]
     
  19. BrianP

    BrianP Well-Known Member

    Joined:
    Dec 8, 1999
    Messages:
    601
    Likes Received:
    0

    Regardless if your account was compromised or not I think DDD should notify all customers about what happened. Every customer has the right to know what happend and to make a decision if they will continue doing business with them.
     
  20. Kyle McKnight

    Kyle McKnight Well-Known Member

    Joined:
    Mar 8, 2001
    Messages:
    2,515
    Likes Received:
    0
    And btw, all but the last four digits of the credit card numbers are blocked out on your DDD account....at least mine are.
     

Share This Page