Author Topic: Problem at Stock Expert??? New. (Read 5048 times)

rinderart · « **on:** October 22, 2007, 16:49 »

Just got this PM from Lev Dolgachev. a good friend to us all. I wrote them asking about this. Haven't heard anything yet. I asked lev if I should post this. He said yes. so here it is.

hello, my friend!

there's a major trouble on stockxpert now

huppy up and change your mail there to something nobody knows
they are having a hole i've checked out personally wich gives an easy opportunity to steal account for everyone knowing your mail.

i've just changed my mail from know to public to something more discrete and that's what i believe anyone should do now.

take care

lev

Kngkyle · « **Reply #1 on:** October 22, 2007, 16:55 »

There is no E in stockxpert, why can't people get it right.

Thanks for the warning though.

madelaide · « **Reply #2 on:** October 22, 2007, 17:00 »

We have two emails in StockXpert. One for the account, one for payment (not necessarily the same). Should we change both? Is there any problem assigning temporarily an email for which no PP or MB account exists?

When will we know things are back to safety?

Regards,
Adelaide

Tomboy2290 · « **Reply #3 on:** October 22, 2007, 17:27 »

Ummm what does that all mean Laurin? That if anyone knows your email they can steal your money from Stockxpert? Or highjack your whole account? Sorry for the geriatric moment, but I don't understand ....

sam100 · « **Reply #4 on:** October 22, 2007, 17:37 »

I don't quit follow eather...
If someone tries to hack your account, and enter your email adress... the new temp password is sent to me, not the hacker.?..

Or am i missing something.?..

Patrick.

madelaide · « **Reply #5 on:** October 22, 2007, 18:06 »

If there is a hole in the system, maybe the hole is that someone can do something WITHOUT your password?

Regards,
Adelaide

GeoPappas · « **Reply #6 on:** October 22, 2007, 18:30 »

On another forum, it was reported that if someone has your email address, then they can use the "Forgot Pass" feature of StockXpert. This then would display the new password on the screen. So the hacker can then effectively get into your account.

But I just used the "Forgot Pass" feature on my account and it doesn't display the password on the screen. It just emails it to you at your email address.

So as far as I could see there is no security threat.

Let me know if I am wrong...

Gregor909 · « **Reply #7 on:** October 22, 2007, 21:10 »

Fixed!:
http://stockxpert.com/forum.phtml?f=showtopic&n=6841

madelaide · « **Reply #8 on:** November 03, 2007, 13:40 »

Ok, are we safe now? Rinderart, any further news? I want to ask for a pay-out...

Regards,
Adelaide

leaf · « **Reply #9 on:** November 03, 2007, 18:39 »

in the stockxpert thread, it sounds like things were taken care of

madelaide · « **Reply #10 on:** November 03, 2007, 21:37 »

Yes, but I wanted to check if someone who new how about the breech in detail would verify if it's really gone.

Regards,
Adelaide

leaf · « **Reply #11 on:** November 04, 2007, 04:17 »

Quote from: madelaide on November 03, 2007, 21:37

Yes, but I wanted to check if someone who new how about the breech in detail would verify if it's really gone.

Regards,
Adelaide

Steve Oh wrote

Quote

This has been fixed, and as far as we can tell, no accounts were compromised. Please let me know if you have any other concerns or questions.

Thanks!
-Steve

sharpshot · « **Reply #12 on:** November 04, 2007, 06:04 »

I changed my email after reading this but last night I had two emails about requesting a new password from fotolia. It looks like someone was trying to gain access to my account. This is strange, as my new email is not known by many people and would not be easy to guess.

leaf · « **Reply #13 on:** November 04, 2007, 06:14 »

Quote from: sharpshot on November 04, 2007, 06:04

I changed my email after reading this but last night I had two emails about requesting a new password from fotolia. It looks like someone was trying to gain access to my account. This is strange, as my new email is not known by many people and would not be easy to guess.

perhaps your email is close to someone else's email. they requested it 2x because when they tried to get their own password they did not receive it the first time (because they typed yours instead) so they tried it again (and tried wrong again)

Pixart · « **Reply #14 on:** November 04, 2007, 09:26 »

Sharpshot, this happened to me on Fotolia also about 2 months back. We (here) had a lengthy thread about the importance of unique passwords and safety when I brought it up.

One thing that is possible though, someone else may use the nickname "sharpshot" and thought they already opened an account at FT - then tried to retrieve their password. I had a design account on Istock in 05, but pixart was gone when I registered - I tried to retrieve my password when I wanted to start uploading this spring and finally realized that I was actually pixartdesign at Istock. So - the real pixart at IS must have recieved several similar e-mails.

Although, it raises alarms when this subject has not been raised in the whole time I've visited this site, and now you and I both mentioned it within a short period, and both times at FT.

MicrostockGroup Sponsors

Author Topic: Problem at Stock Expert??? New. (Read 5048 times)

rinderart

Kngkyle

madelaide

Tomboy2290

sam100

madelaide

GeoPappas

Gregor909

madelaide

leaf

madelaide

leaf

sharpshot

leaf

Pixart

Related Topics

Sponsors

Microstock Poll Results

Sponsors