You are reading a single comment by @clefty and its replies.
Click here to read the full conversation.
London Fixed Gear and Single-Speed is a community of predominantly fixed gear and single-speed cyclists in and around London, UK.
This site is supported almost exclusively by donations. Please consider donating a small amount regularly.
@clefty
Hi All,
Has anyone used the above site? We've received a paypal phishing email directly addressing MOC and we're pretty sure it came using data that was taken from their site.
For every order on the interwebs MOC makes, he sets up a mail account on his mail server referencing the particular supplier for example cyclesports@blah.com. This means that in the future if the company ever sell their details or their database gets pwned and he gets some dodgy email to that address, he knows where the data leak has occured. This usually means he contacts the company in question - asks them about the 'irregularity' they rather sheepishly say their db was hacked, apologise profusely and offer some sort of voucher - well, not always but they usually admit it.
In this case cyclesports seem to think that 'setting a password on your mailbox' would have meant this wouldn't happen which either means they don't really know what they're talking about or they wont admit their database has been hacked.
Whilst it may be hard for you to determine whether this has happened to you, it would be interesting to know it any other customers of cyclesportsuk received a paypal phishing email around the 3rd Jan 2013 which was addressed to the same details they used for their cyclesportsuk account. MOC ordered something (for me) from cyclesport over 2 years ago, but this phishing mail has only just emerged, so it suggests it's recently been hacked.
Whilst I'm not pouring scorn on their service or trade, afaik they run a decent business, I would like to know if any other customers have noticed something a little wierd.
Thanks