Forums

Macheist userdata save?

MacHeist Forums » Support Desk » Macheist userdata save?

dummptyhummpty

Urchin

1 posts

I use Otherinbox (good thing!) and I've received spam on my MacHeist specific address/mailbox. I've participated in MacHeiest 3 in March '09.

February 1, 2010 8:55 pm
kalleboo

kalleboo

Staff

from Kagoshima, Japan
265 posts

iContact have updated their blog to confirm they are the leak source of the spam

More info at http://www.icontact.com/blog/index.php? … &tb=1&pb=1

Everything is my fault

February 1, 2010 10:11 pm

masterkey

Urchin

from switzerland
1 posts

same problem here - up to 5 messages a day!

February 2, 2010 2:31 pm

qarbanzito

Urchin

3 posts

me too ... just to report that i've also gotten several of these in the last few days at these addresses

  macheist at mydomain
  macheist.200801 at mydomain

the latter i used for the January 2008 MacHeist (transaction date 21 Jan 2008) and possibly other MacHeist transactions

possibly useful -- another message fitting the same pattern came to a custom address for which i haven't yet looked up the transaction:

  dash.20070409 at mydomain

(btw i'm told since i'm a "new member" i can't post even fake email addresses here; i registered over two years ago!)

February 2, 2010 7:32 pm
Molnies

Molnies

Big Game Hunter

from Sweden
527 posts

qarbanzito wrote:

(btw i'm told since i'm a "new member" i can't post even fake email addresses here; i registered over two years ago!)

The term "new member" might be a bit weird, but a member must have a minimum of 10 posts before being able to post a url.

Think Purple.

February 2, 2010 10:00 pm
BigMark

BigMark

Sky Pirate

from Kent, UK.
1,553 posts

I've also been victim to a lot of spam recently, and reading the iContact statement doesn't fill me with confidence over what information has been compromised.

Based on the results of our investigation to date, we have no information to indicate any other data has been affected, including:

    * Credit card data
    * Customer names
    * Affiliate names

Has anyone had any credit card problems recently?  It may be entirely a coincidence but my card was used fraudulently in Canada a few weeks ago and I'm careful to the point of paranoia regarding where I use the card and where I store information.

I'm not making any assumptions here, I'm just curious as until recently I've been off the spammers radar and the timing coincides with my card being abused.

Did iContact have our card information?

February 5, 2010 10:48 am
johnred

johnred

Directorate

1,869 posts

BigMark wrote:

Did iContact have our card information?

Definitely not. They had just your name and email address. We don't even have your credit card number stored anywhere because that's not allowed by the credit card companies.

John Casasanta
MacHeist Director
tap tap tap chief

February 5, 2010 11:08 am
BigMark

BigMark

Sky Pirate

from Kent, UK.
1,553 posts

johnred wrote:
BigMark wrote:

Did iContact have our card information?

Definitely not. They had just your name and email address. We don't even have your credit card number stored anywhere because that's not allowed by the credit card companies.

Good to know, thanks John.

February 5, 2010 11:13 am

macgruder

Urchin

2 posts

It's worse:

blog.toolshed.com/2010/02/icontact.html

Pragmatic Programmer ( pragprog.com/ ) also used iContact and although they cancelled the account with them, iContact kept all the contact data on their database. I got my first spams from both prag prog and macheist at the same time so it would seem that iContact is the common breach point, and given their track record of both keeping old customers data on file and not being secure, MacHeist should look somewhere else for this service.

February 7, 2010 3:05 pm
johnred

johnred

Directorate

1,869 posts

macgruder wrote:

It's worse:

blog.toolshed.com/2010/02/icontact.html

Pragmatic Programmer ( pragprog.com/ ) also used iContact and although they cancelled the account with them, iContact kept all the contact data on their database. I got my first spams from both prag prog and macheist at the same time so it would seem that iContact is the common breach point, and given their track record of both keeping old customers data on file and not being secure, MacHeist should look somewhere else for this service.

We're in a similar situation with Pragmatic Programmer as we also cancelled our iContact account months ago. It makes absolutely no sense why iContact retained our data after we cancelled.

John Casasanta
MacHeist Director
tap tap tap chief

February 8, 2010 8:42 am
Miah

Miah

Moderator

3,692 posts

As far as I'm aware, tort law would have a lot to say about this. They had a duty to protect, which was breached. This is more forgivable if MH still had a contract with iContact, but the fact that they did not is proximate cause for damage done.

In plain english: For not the negligence on the part of iContact where a simple DELETE FROM table WHERE query would have prevented, we wouldn't be having a PR issue. We've had more than a few people via both forums and chat thinking that MacHesit has been directly responsible.

There is nothing MacHeist could have done; in fact MacHeist had done everything that should have prevented this (cancel their contract), so the burden of liability should fall on iContact instead.

䷟䷽䷏䷁ — Dying of the Light.

February 8, 2010 6:06 pm
Ivy

Ivy

Gearhead

from Europe
75 posts

tech wrote:

BTW, folks it really doesn't matter what the name and address is in the from field as that can be very easily spoofed.

True, I often get spam messages sent from my address. big_smile Gmail gets it and I don't see them, but it is kinda annoying seeing 20 out of 60 viagra e-mails are "from me". big_smile

Here's what Google has to say about that: http://mail.google.com/support/bin/answ … swer=50200


About the spam problem, the e-mail I registered to MacHeist with is an old e-mail address I've been using for pretty much everything for years so I can't really say any spam is MacHeist related.

/Edit: Came here too late and replied to a quote before having read everything, sorry.

Free international calls? Pay only the price of a local call with Rebtel!

February 8, 2010 6:16 pm
f16332

f16332

Sky Pirate

1,135 posts

Still getting these emails...

DropBox Referral: 2.25GB FreeSpace

February 9, 2010 1:25 am
forevermac

forevermac

Automaton Tech

from The Interwebz
496 posts

I don't see iContact remaining in business much longer after this. If need be, I have a macheist only email and could, if needed, give access and/or evidence (aka give them username/password) to directorate/others.

Wow. MacHeist 4. I can't believe it's actually happening.
Unfortunately, it looks like I'm sitting this one out because of aggressive version requirements. It's been real.

February 9, 2010 3:15 am
rpcohen

rpcohen

Automaton Tech

from Baltimore, MD
486 posts

I suggest that a sticky topic be posted in the Lounge forum with a clear subject line to alert visitors about this situation.  I doubt this thread in the Support forum with the cryptic subject line "Macheist userdata save?" is likely to be seen by most MacHeisters or understood to have security implications that may effect them.

February 9, 2010 4:08 am
mjweb

mjweb

Sky Pirate

from coast2coast
2,343 posts

Gee, at least now I know why I'm a "soft touch" for all those Viagra counterfeiters.

www.mjweber.com | Flickr

February 9, 2010 8:13 pm
forevermac

forevermac

Automaton Tech

from The Interwebz
496 posts

mjweb wrote:

Gee, at least now I know why I'm a "soft touch" for all those Viagra counterfeiters.

I LOL'd

Odd, I haven't gotten any Viagra spam, although I did get an ironic Windøws 7 and Øffice 2ØØ7 deal.

Wow. MacHeist 4. I can't believe it's actually happening.
Unfortunately, it looks like I'm sitting this one out because of aggressive version requirements. It's been real.

February 10, 2010 2:12 am
MacHeritage

MacHeritage

Automaton Tech

from British Columbia, Canada
305 posts

All I get these days for spam is those "Viagra counterfeiters". It's mainly all from Gmail accounts since MacHighway (where all my other e-mail accounts are) runs a greylist. It cut my spam on their servers to maybe 1 every other day. So I can't tell if I have the problem or not. But that is a Good Thing™! big_smile

Ivy wrote:

True, I often get spam messages sent from my address. big_smile Gmail gets it and I don't see them, but it is kinda annoying seeing 20 out of 60 viagra e-mails are "from me". big_smile

I know just what you are talking about.... I seem to send myself these viagra e-mails all the time. lol big_smile

Cracking the heist of a lifetime!
Proud Member of the Former TeamPURPLE: http://www.macheist.co.uk/

February 11, 2010 9:06 pm

ivo

Urchin

1 posts

I received 26 spams since january 25 on a macheist-only emailaddress. Either macheist or one of its affilates has leaked (or sold) addresses.

February 12, 2010 10:45 am
forevermac

forevermac

Automaton Tech

from The Interwebz
496 posts

ivo wrote:

I received 26 spams since january 25 on a macheist-only emailaddress. Either macheist or one of its affilates has leaked (or sold) addresses.

Pretty sure that's a bot. That's the only post for them.

Back on topic, I have gotten a total of 7. I could have sworn more but I have a folder of them. It's called "goddamn you iContact"...

Wow. MacHeist 4. I can't believe it's actually happening.
Unfortunately, it looks like I'm sitting this one out because of aggressive version requirements. It's been real.

February 13, 2010 1:13 am
Miah

Miah

Moderator

3,692 posts

forevermac wrote:

Pretty sure that's a bot. That's the only post for them.

Pretty sure it's not.

䷟䷽䷏䷁ — Dying of the Light.

February 13, 2010 4:50 am
WebKarnage

WebKarnage

Big Game Hunter

from UK
777 posts

Interesting this, as I have had similar looking emails trying to look like Facebook ones, all going to every account I have that's not linked to FaceBook!!!!

I didn't need to use spam filters on 4 of my accounts until about a month ago, now I need them for all accounts. All 'Canadian Pharmacy' emails. I use a .mac email addy for MacHeist, and no sign of anything on that one...

There seems to have been a huge surge in spam in general over the last 2 or 3 months.

with best regards,
Karn.

The Optimist proclaims we live in the best of all possible worlds, the Pessimist fears this is true.

February 14, 2010 8:51 am
macF

macF

Urchin

from round about
2 posts

This isn't good.
I haven't participated in any heists with my account but I started getting spam very soon after the first post in this thread.
I just use this account to read posts here at macheist.
Hmmm... wats going on?

Here today, gone tomorrow.

February 17, 2010 11:03 pm

macheist@sorsacode.com

Urchin

2 posts

I'm pretty sure the leak wasn't from the developers. I have several mail addresses registered for macheist but only used one of them to pay for the ransom and software registration. All accounts received the same spam, however, with email addresses entered only here.

February 18, 2010 7:18 pm
Rumpelstiltskin

Rumpelstiltskin

Tinkerer

11 posts

Yep, same thing here. Spam to a macheist-only email address. Do keep us posted on the ongoing details. Thankfully Gmail has managed to keep it all in the Spam folder. Give iContact a good grilling for us.
Oh, and THANK YOU for accepting email addresses with a "+" in them. Too many web services fail to do this. That's what made me catch this.

February 25, 2010 6:06 pm
Acmys

Acmys

Gearhead

from NJ
57 posts

Hmm...I started getting these the day after I signed up for an shady-looking FTP service, but apparently those guys are innocent. Definitely thought it was them, until I saw the threads here.


I have received other spam emails I haven't before, such as some phishing ones from "Bank of America".

February 28, 2010 10:04 pm

kencraig

Urchin

1 posts

I got spammed too to a unique address only for MacHeist, and I did NOT get iContact in my bundle (I purchased on 1/28/08).  I may have trashed a few of the messages, but I've got 15 to that address between 1/28 and 2/19.

March 10, 2010 3:31 am

esmalling

Urchin

1 posts

Not sure is this is still being tracked buy I just got one with subject "*****DRUGSTORE****ADDERALL****VICODIN*******" to my macheist.com AT [mydomain.com] address

I'd post the raw email source but since I'm a newbie here, the forum won't let me (contains email addresses and links)

April 2, 2010 10:46 pm

macheist@sorsacode.com

Urchin

2 posts

Yes, I still get a lot of them. Didn't get iContact either.

April 2, 2010 10:58 pm
MacHeritage

MacHeritage

Automaton Tech

from British Columbia, Canada
305 posts

I have been getting many junk e-mail just like the one above that get passed grey listing and Mail's junk filtering and end up in my inbox. I don't know why but the spammers are now making it look like I e-mailed myself. I've got to admit they are getting better. I cannot say that it is because of this problem in this thread though.

Cracking the heist of a lifetime!
Proud Member of the Former TeamPURPLE: http://www.macheist.co.uk/

April 2, 2010 11:03 pm
Aranittara

Aranittara

Automaton Tech

107 posts

Just to clarify iContact maintains email lists. It is a web service that was used by MacHeist before they cancelled their contract. iContact is NOT an application people purchased through MacHeist.

Wait, watch, listen, link.
Life is a puzzle to be solved with a think.

April 3, 2010 6:40 pm
johnnybdot

johnnybdot

Gearhead

77 posts

I have too!
Header: "Need good price? DAZ Bryce 6.1 MAC", same layout as the one posted here...
participated in nanobundle1 and 2 so far
and I NEVER used iContact!

maybe this helps to narrow it down


edit:
ah I now see, it was Macheist using iContact...

Get Dropbox through my referral link (you get 250MB more than usually): https://www.dropbox.com/referrals/NTY0NDU4MzQ5
Many thanks!

April 17, 2010 1:13 pm
johnnybdot

johnnybdot

Gearhead

77 posts

So what about this issue? All silent now? Obviously it was NOT related to the iContact breech...

Get Dropbox through my referral link (you get 250MB more than usually): https://www.dropbox.com/referrals/NTY0NDU4MzQ5
Many thanks!

June 4, 2010 2:42 pm
Miah

Miah

Moderator

3,692 posts

johnnybdot wrote:

So what about this issue? All silent now? Obviously it was NOT related to the iContact breech...

How do you figure that, exactly?

䷟䷽䷏䷁ — Dying of the Light.

June 4, 2010 8:03 pm
johnnybdot

johnnybdot

Gearhead

77 posts

Miah wrote:
johnnybdot wrote:

So what about this issue? All silent now? Obviously it was NOT related to the iContact breech...

How do you figure that, exactly?

People who weren't already registered at the time the thing happened got spam mail, too... And since you guys claimed that you weren't using it anymore, well...

Get Dropbox through my referral link (you get 250MB more than usually): https://www.dropbox.com/referrals/NTY0NDU4MzQ5
Many thanks!

June 5, 2010 9:54 am
johnred

johnred

Directorate

1,869 posts

johnnybdot wrote:
Miah wrote:
johnnybdot wrote:

So what about this issue? All silent now? Obviously it was NOT related to the iContact breech...

How do you figure that, exactly?

People who weren't already registered at the time the thing happened got spam mail, too... And since you guys claimed that you weren't using it anymore, well...

Unless I'm missing something, I haven't seen any case of someone receiving the spams on an email address that they've been using for MacHeist only.

One person above, who registered here after we cancelled our iContact account actually has his name as his username and it's likely being harvested by various spammers. This has nothing to do with the iContact breach, obviously.

John Casasanta
MacHeist Director
tap tap tap chief

June 5, 2010 10:27 pm
Berklee

Berklee

Tinkerer

10 posts

Received 16 new spam messages on the account I used for the latest MacHeist, which was different from the account I used for previous MacHeists. They're all from AOL addresses and advertise (illegal) software.

June 9, 2010 8:03 am

AndrewV

Urchin

2 posts

I've received two emails from one-time signup addresses used at MacHeist. Both contain the subject "Merry Christmas" and body of

web.ausa.auckland.ac.nz/images/frontpage/chrir.jpg with an advertisement text underneath.

December 26, 2010 1:51 am
phillryu

phillryu

Moderator

1,569 posts

Hey guys. Last year iContact, a third party mailing service we used to work with to send out our announcements, experienced what they refer to as a 'security incident' and lost many of your email addresses. You can read about this here on their blog: http://blog.icontact.com/blog/icontact- … s-updated/

As a result of that mess we no longer rely on a third party service for our emails, and spent a portion of last year creating our own robust internal mailing system to keep everything in one place and much more secure. We don't want this to ever, ever happen again in the future.

To the best of my knowledge the internal investigation at iContact is still ongoing.

Co-Creator of MacHeist, Clear, Partner at tap tap tap | follow me on twitter

December 26, 2010 6:48 am

andnas

Urchin

1 posts

Well, something definitely seems amiss again.

I have received numerous spam mails the last few days, all of them sent to the unique signup address I use for MacHeist, which isn't the same as the one hit by spammers last year.

What is going on?

>~^~:>

December 28, 2010 10:59 pm

btgarner

Urchin

3 posts

I just received a spam to my custom MacHeist email addy (cannot post here due to limitations on email addys and links for non-active users).

my address is of the format: name (at) macheist (dot) domain (dot) com.

So MacHeist is the only thing I have ever used it for.

not cool guys...

December 29, 2010 1:51 am
j3snyder

j3snyder

Big Game Hunter

from Yerington, NV
988 posts

btgarner wrote:

I just received a spam to my custom MacHeist email addy (cannot post here due to limitations on email addys and links for non-active users).

my address is of the format: name (at) macheist (dot) domain (dot) com.

So MacHeist is the only thing I have ever used it for.

not cool guys...

Do you really think they haven't developed a spambot to decipher your hidden code and hijack your email address?  Maybe, just maybe, spammers are good at what they do and macheist isn't perfect in protecting your info.  No email is really safe unless you don't give the address out to anybody whatsoever, which makes it fairly useless.

Referrals for your consideration:
Dropbox:  https://www.dropbox.com/referrals/NTE1N … src=global

December 29, 2010 7:03 am

toco

Urchin

1 posts

I also received spam on a specific macheist mail address containing a fake adobe discount with links to
tariacuriDOTcrefalDOTeduDOTmx/dweb/plugins/xmlrpc/ind
ex.php?
leading to
apple-downloads-DOT-COM/
I hope you find the leak!

sry I can't post the header because it's not possible for me to post any links or mail-addresses...

January 27, 2011 7:33 pm

btgarner

Urchin

3 posts

j3snyder wrote:

Do you really think they haven't developed a spambot to decipher your hidden code and hijack your email address?  Maybe, just maybe, spammers are good at what they do and macheist isn't perfect in protecting your info.  No email is really safe unless you don't give the address out to anybody whatsoever, which makes it fairly useless.

The chances of someone randomly coming up with my macheist email address by inserting a tertiary domain into the mix, that just happens to be one of 50 or so that I created.. . . yeah, I find the odds astronomically low that a spammer would have done that.  Perhaps you are giving yourself too much credit.

I can respect that you want to defend macheist and all, but the bottom line here is that there is a security breech where someone distributed the macheist addresses.  It may have been a person who had access to the data, dumped it, then sold it, or it may lie with one of the third parties that macheist provided my email addy to (if any), I don't know.  But yes, someone has caused macheist buyers to get more spam then they were getting, and honestly, that will probably mean the end of supporting this program.  If my email address is not safe, what kind of guarantees do I have that the rest of my info is not safe?

January 27, 2011 7:34 pm

btgarner

Urchin

3 posts

toco wrote:

I also received spam on a specific macheist mail address containing a fake adobe discount with links to
tariacuriDOTcrefalDOTeduDOTmx/dweb/plugins/xmlrpc/ind
ex.php?
leading to
apple-downloads-DOT-COM/
I hope you find the leak!

sry I can't post the header because it's not possible for me to post any links or mail-addresses...

Go to the home page of Macheist, click support at the bottom, and Create a new ticket with your info.

If everyone who is getting these spams to their macheist addresses do this, then, maybe they can figure out that it is a real problem.

January 27, 2011 7:37 pm
JPDyson

JPDyson

Moderator

3,580 posts

That it is a "real problem" is well established, and explained. The bulk-mailer service they used suffered a breach, and folks' email addresses got out. Once they're out, they're out.

PM me | Twitter

January 27, 2011 7:41 pm
Warbrain

Warbrain

Dirigible Captain

from Not here.
6,982 posts

Geez, people, email isn't sacred anyway.

Website | Twitter

January 27, 2011 10:26 pm

seafoxx

Urchin

1 posts

Bump. welcome to the club...
I received four identical spam mails abour the adobe-stuff to the following 'one-time'-addresses of mine (time is GMT +1):
09:17 PM - squeeze.macheist.com at sp.ka[...].net
11:21 PM - forum.macheist.com at sp.ka[...].net
11:22 PM - forum.macheist.com at sp.ka[...].net
11:49 PM - macheist.com at sp.ka[...].net

Seems like several addresses 'got lost'. not good...

January 27, 2011 11:03 pm
Warbrain

Warbrain

Dirigible Captain

from Not here.
6,982 posts

seafoxx wrote:

Bump. welcome to the club...
I received four identical spam mails abour the adobe-stuff to the following 'one-time'-addresses of mine (time is GMT +1):
09:17 PM - squeeze.macheist.com at sp.ka[...].net
11:21 PM - forum.macheist.com at sp.ka[...].net
11:22 PM - forum.macheist.com at sp.ka[...].net
11:49 PM - macheist.com at sp.ka[...].net

Seems like several addresses 'got lost'. not good...

No, they lost just your address. Of course several addresses did.

Website | Twitter

January 28, 2011 1:51 am
blackbox

blackbox

Tinkerer

21 posts

I received 5 spam emails to 4 different addresses I used for MacHeist. They advertised Adobe CS5 and claimed to be from Apple, mimicking the design of their official newsletters:

http://i.imgur.com/B4CLX.png
http://i.imgur.com/IG7gz.png
http://i.imgur.com/MGxfi.png

The only telling signs that the emails were fake were senders' addresses (though Mail.app hides them by default and shows just "Apple") and URLs linking to various Chinese websites. Another detail is that none of the To: and Cc: addresses were mine, they all were @live.com and @windowslive.com domains. However my real addresses were in the Resent-To: field.

Gmail's spam filter didn't catch two of these emails, and even I was fooled for a second. No doubt many users would be deceived by these.

The most important fact though is that the spammers didn't just steal a list of email addresses, they knew that the addresses belonged to MacHeist members and they specifically targeted Mac community.

Agent Orange

January 28, 2011 11:20 am
MacHeist Forums » Support Desk » Macheist userdata save?

Become an agent



Keep me posted on more free offers and deals on great Mac software (We'll never sell your email, spam is evil)


As a MacHeist agent you'll be privy to special missions like these, tons of awesome free software, and the best software deals around. What do you want to hear about?

 

Login to MacHeist



As a MacHeist agent you'll be privy to special missions like these, tons of awesome free software, and the best software deals around. What do you want to hear about?