Site Comments & Suggestions

RedFlagDeals has been hacked. Database dump.

  • Last Updated:
  • Apr 17th, 2017 12:27 pm
Deal Guru
User avatar
Feb 8, 2014
12423 posts
2709 upvotes
adamtheman wrote:
Jan 19th, 2017 9:34 pm
So does a hacker have administrator access right now?
If true RFD is pretty doomed
Lies, damned lies, statistics and alternative facts
Administrator
User avatar
Jun 17, 2013
7757 posts
12359 upvotes
Scarborough
adamtheman wrote:
Jan 19th, 2017 9:34 pm
So does a hacker have administrator access right now?
All of the staff accounts are secure. Did something happen to make you think otherwise?
RFD Staff [Forum Rules] [Facebook] [Twitter].
Deal Addict
User avatar
Dec 3, 2004
4200 posts
1757 upvotes
Vancouver
TomRFD wrote:
Jan 19th, 2017 10:48 pm
All of the staff accounts are secure. Did something happen to make you think otherwise?
Post #399 Yoshim said:
yoshim wrote:
Jan 18th, 2017 11:48 pm
Same thing happened to me last week. My posts on their gift card thread and messages to warn people were all deleted. This scammer knows their way around, deleting traces of correspondence so the owner of the account wouldn't catch on right away. Targeting those of us with high feedback using our reputation to scam others. After replying these buyers to warn them, one of the buyers asked me how come the message disappeared from his inbox, what is going on. I then realized because the hacker had admin access they are able to delete threads and messages from people's inbox. Eventually they got smarter and started deleting all messages sent to these buyers and changed my password so I couldn't do anything about it. It's a good wake up call, but seriously these people need to get a life.
Sr. Member
Oct 22, 2006
644 posts
360 upvotes
Ontario
TomRFD wrote:
Jan 19th, 2017 10:48 pm
All of the staff accounts are secure. Did something happen to make you think otherwise?
You seem to have missed or ignored Hellfire's post (even though you're mentioned in it) : redflagdeals-has-been-hacked-database-d ... #p27369813

How was the "hacker" able to access his account with the reset password link? He states his email is secure and there's no keylogger on his system. Only other possibility would be unsecured wireless, but I doubt anybody here for 14 years would fall for that.

So, how'd it happen??? Please explain if YPG and RFD is all secured up now y'all...
Administrator
User avatar
Jun 17, 2013
7757 posts
12359 upvotes
Scarborough
adamtheman wrote:
Jan 20th, 2017 1:16 am
Post #399 Yoshim said:
Anyone can delete their own sent PM's up until the point they're read by the recipient.
dollarsign wrote:
Jan 20th, 2017 1:46 am
You seem to have missed or ignored Hellfire's post (even though you're mentioned in it) : redflagdeals-has-been-hacked-database-d ... #p27369813

How was the "hacker" able to access his account with the reset password link? He states his email is secure and there's no keylogger on his system. Only other possibility would be unsecured wireless, but I doubt anybody here for 14 years would fall for that.

So, how'd it happen??? Please explain if YPG and RFD is all secured up now y'all...
I missed that post (I wasn't @ mentioned) but I was responding to it on the back end. What happened there only affected the single account and we've since taken measures to make sure that doesn't happen again to anyone.
RFD Staff [Forum Rules] [Facebook] [Twitter].
Deal Addict
User avatar
Apr 29, 2005
3723 posts
4 upvotes
Markham Toronto area
TomRFD wrote:
Jan 20th, 2017 7:23 am
Anyone can delete their own sent PM's up until the point they're read by the recipient.
They were able to delete entire threads made through my account, right after I posted on them to warn people. I believe you need admin access to do this.
Administrator
User avatar
Jun 17, 2013
7757 posts
12359 upvotes
Scarborough
yoshim wrote:
Jan 20th, 2017 10:27 am
They were able to delete entire threads made through my account, right after I posted on them to warn people. I believe you need admin access to do this.
Those threads were removed by moderators or myself to prevent more users from potentially being put at risk. Threads you create with no replies can be deleted by yourself which is something we did see happen as well.
RFD Staff [Forum Rules] [Facebook] [Twitter].
Deal Addict
User avatar
Apr 29, 2005
3723 posts
4 upvotes
Markham Toronto area
TomRFD wrote:
Jan 20th, 2017 10:32 am
Those threads were removed by moderators or myself to prevent more users from potentially being put at risk. Threads you create with no replies can be deleted by yourself which is something we did see happen as well.
How strange that mods would delete those threads, but continue to allow these hackers to use my account to scam people for another 8 hours until I sent you that private message alerting you of my account being hacked (sending a message through the Contact Us page did not help in this case).
Administrator
User avatar
Jun 17, 2013
7757 posts
12359 upvotes
Scarborough
yoshim wrote:
Jan 20th, 2017 2:34 pm
How strange that mods would delete those threads, but continue to allow these hackers to use my account to scam people for another 8 hours until I sent you that private message alerting you of my account being hacked (sending a message through the Contact Us page did not help in this case).
This was a new situation that we hadn't encountered before so things didn't happen exactly as they should have. For that I apologize. We're working on adding new measures which will include locking down accounts which we think may have been compromised.
RFD Staff [Forum Rules] [Facebook] [Twitter].
Newbie
User avatar
Jan 13, 2017
20 posts
8 upvotes
Burlington, Ontario
This sucks losing my account. Oh well, it's just a message board, no big deal starting a new one.
Deal Addict
User avatar
Nov 7, 2004
1121 posts
358 upvotes
Whitby
toejammcgee wrote:
Jan 20th, 2017 5:16 pm
This sucks losing my account. Oh well, it's just a message board, no big deal starting a new one.
E-mail support, they'll help you get your old account back.

-Jamie M.
Home server: http://ywax.us
Speedtest: Image
Sr. Member
Jul 10, 2008
674 posts
112 upvotes
TomRFD wrote:
Jan 19th, 2017 9:34 pm
I just replied back to your PM. Sorry for the delay.
Everything seems to be working now. Thanks.
Newbie
User avatar
Jan 13, 2017
20 posts
8 upvotes
Burlington, Ontario
toysareforboys wrote:
Jan 20th, 2017 7:01 pm
E-mail support, they'll help you get your old account back.

-Jamie M.
I e-mailed a while ago, no reply. It's really no big deal.
Newbie
Jan 21, 2017
1 posts
Just submitted request #21557 as well. Not a big deal but kind of annoying after 10+ years of account history goes bust because of a hack
× < >
Rotate image Save Cancel

Top