What's new
By:
5thGenRams Forums

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

PSA - Diode Dynamics hacked

S

Shorty1315

Active Member
Joined
Jul 4, 2019
Messages
41
Reaction score
48
Points
18
Location
NW FL
Hey all!! Just a quick PSA, I received an email from Diode Dynamics this morning regarding a security breach.

I had placed an order several months ago and last week my credit card was used for a fraudulent purchase. I have alerting setup, so only 1 purchase was made before freezing my card. If you have ordered anything from them, you may want to keep an eye on your credit card.
 

Attachments

  • Screenshot_20211117-110039_Gmail.jpg
    Screenshot_20211117-110039_Gmail.jpg
    97.4 KB · Views: 40
Edit: I read that too quickly. It was a client side script injection, which explains how CVV could be exposed without being stored. The account number, CVV, address, etc. was stolen as it was entered into the browser.

🤦Ooh boy, somebody screwed up! They mention CVV (three or four digit verification code) may be among the data leaked. PCI DSS (standards for merchants that accept credit cards) prohibit storing CVV. If they were following standards, it wouldn’t have even been possible for those codes to be stolen. It makes you wonder what other mistakes they made in building their e-commerce system.

They may also be subject to fees for being out of compliance. Good luck to them, and to the affected customers
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)

Site Vendors

https://www.jasonlewisautomotive.com/

Staff online

Members online

Total: 179 (members: 21, guests: 158)
Back
Top