WHT CC/Users Compromissed?

Hi,

WHT are now down for maintenance since i post this thread on WHT also.

The hacker of WHT, have send a part of the database of webhostingtalk on rapidshare and many others site, i think.

anyway i get a copy of this table DB part.

And this is really horrible, WHT can be suitable in court for this, these personal information are (CreditCard) not coded, db part have 1454 users cc numbers from WHT db table called "creditcard" for premium members.


This is a small copy ( i have changed the line credit card info ) its surely a big problem on the WHT arms for the moments.

# Dumped by NEGRO SHELL.
# Home page: http://negro.com
#
# Host settings:
# MySQL version: (4.0.27-standard-log) running on 69.20.126.7 (www.webhostingtalk.com)
# Date: ##/##/#### :)
# DB: "ioms"
#---------------------------------------------------------
DROP TABLE IF EXISTS `creditcard`;
CREATE TABLE `creditcard` (
  `card_id` int(11) NOT NULL auto_increment,
  `account_id` int(11) NOT NULL default '0',
  `address_id` int(11) NOT NULL default '0',
  `cardnumber` bigint(20) NOT NULL default '0',
  `expdate` varchar(10) NOT NULL default '',
  `cardcode` varchar(5) NOT NULL default '0',
  `issueingbank` varchar(50) NOT NULL default '',
  `nameoncard` varchar(50) NOT NULL default '',
  `status` enum('valid','removed','modified','fraud','chargeback','other') NOT NULL default 'valid',
  `friendlyname` varchar(100) NOT NULL default '',
  `admin_note_id` int(11) NOT NULL default '0',
  `customer_note_id` int(11) NOT NULL default '0',
  `creation_timestamp` bigint(20) NOT NULL default '0',
  `creation_session_id` int(11) NOT NULL default '0',
  `modify_timestamp` bigint(20) NOT NULL default '0',
  `modify_session_id` int(11) NOT NULL default '0',
  `removal_timestamp` bigint(20) NOT NULL default '0',
  `removal_session_id` int(11) NOT NULL default '0',
  PRIMARY KEY  (`card_id`),
  KEY `account_id` (`account_id`,`address_id`,`cardnumber`)
) TYPE=MyISAM PACK_KEYS=0;

 ('1', '31', '3', '551061035543668', '7/2012', '143', 'Compass Bank', 'Max M Oneil', 'valid', 'Compass Bank', '0', '0', '1074282270', '144', '0', '0', '0', '0');

PHP:

if you have premium or only account WHT, check your password and bank billing.

i am also able to find my users in the database....

 

This is posted here and does not need members spreading parts of the db.

 

I'd like to address a couple points.

We know that credit card information has been leaked out. This appears to be information that was obtained during the incident 2 weeks ago. Premium memberships are not affected. We're currently locked down until we are sure the servers are secure.

 

In fact, i changed the part of creditcard users, with false information.

Just want to be sure, anyone know the situation.

 

Thanks you, for your update, i hope you can find the hacker and take him to court.

 

With all due respect Dennis, you need to check your dates. The SQL dump of the credit cards has UNIX timestamps at the bottom from MARCH 25. Furthermore, I also removed my credit card from the my.iNet site on MARCH 25 and YOUR database recorded the time and date ALONG with recording the status as "Removed". The compromise of the credit cards happened ON or AFTER March 25. There is ABSOLUTELY no way this happened before then. Period.

I would also like to confirm that approximately $400 worth of charges were put on my card on April 6 from a location in China that has been described to me as a Casino of some sorts. My credit card was unfortunately near the bottom of the list, so I imagine it was one of the first to be tried. VISA Security are aware of this incident, they have a copy of the SQL dump along with iNet Interactive's information, a brief history of what happened and I imagine they will be in contact.

 

Correct. We were not secured until March 27.

 

So what happens now?

 

Update on INET Status:

 

More news:

 

Personally I would never ever trust this place again. They have not been forthcoming in the extent of the damage nor explained the full extent to which they were compromised into several heated exchanges via PM with other users, including management over there only to be told not to worry.

I questioned whether CC's were compromised to which I was told that I should not lose faith in WHT, and that these things happen all the time.

I was a Premium Member over there btw.. Been there since 2000 btw.

At this point, WHT is dead. I do not see how they can possibly recover from this.

I'd be worried also if I were a member of any of the other forums they host via iNet Interactive: http://www.inetstatus.net/index.php

Whoever hacked them likely wanted money, or were really pissed off or both. Either way, I think they need to be a bit more forthcoming in all of this. Its apparent that more and more problems continue to surface. I raised the CC issue on April 2nd and was told not to worry... NOW LOOK!

Its bad enough that 8 months of DB data are now lost, but their members information is now compromised as well, even after they lied and said it was not.

BEWARE !!!!

 

Thank you for trying Denny!!

I truly hope you can find the scumbag who did this!!

This is NOT INETs FAULT SOMEONE DID THIS!!

The internet is a BAD PLACE and hackers,etc can hack into any site online unfortunetly......

 

If you were there on April 2, you were a couple days early from when we restored 75% of the lost data. Granted, 75% isn't total restoration, but it was a helluva lot of work that developers put into it.

As for lieing ... not sure where you get that. We've stated everything we've known when we've known it. If not knowing makes me a liar, than I'm a liar. But I've never lied to our members.

 

New Update From INET:

 

Well the good thing is: IF SOMEONE USES SOMEONES CARD,THEY DONT HAVE TO PAY!! (@ least i think anyway)

 

Yes, but these card can be point on fraudulent transaction, imagine a card holders didn't know the fact WHT db was hacked and they didn't check there bills.

 

There has been many incidents similar to these but people dont lose faith in them, let it be the same as WHT, WHT is trying its best to prevent and solve this problem. Just get off there backs and let them do there work...

 

We are contacting everyone that could be at risk.

 

Yep. It goes on all the time. Just Google it and you'll come up with a million results. That doesn't make this incident any less disheartening. And I understand people's concerns. But we've been forthright and diligent in disseminating information and making sure anyone that could be affected has been or is being notified. We have and will continue disclosing all information as it becomes available.

 

yeah, hope everything will be fine, i still have faith