VisorCentral.com
Show 20 posts from this thread on one page

VisorCentral.com (http://discussion.visorcentral.com/vcforum/index.php)
- Springboard Modules (http://discussion.visorcentral.com/vcforum/forumdisplay.php?forumid=10)
-- Innogear Security issue!! (http://discussion.visorcentral.com/vcforum/showthread.php?threadid=5595)

Posted by LarryN on 08-18-2000 03:39 PM:

Exclamation

** Please Read If You Ordered Anything From Innogear **

I found out the hard way, that the cookie that you get from store.innogear.com does not need to be present for users to access your account information!

I have a MiniJam on backorder @ Innogear. I posted reply to a message on a non-visor related messageboard that somebody asked how the visor plays music. So, being the helpful guy that I am, opened another browser window, opened the Innogear website, nad went to the Minijam page. I then copied the url, and posted it the my message.

I then received an anonymous email from some very honest person (thank goodness) that informed me that my link allows access to "My Account" information, inclusive of name, address, phone numbers, CREDIT CARD NUMBER (complete with card type and expiration date!!!).

I already cancelled my credit card, and asked the mesageboard owners to remove my post (which they have yet to do!). I also called innogear to tell them of the website design issue, they said that my circumstance is unfortunate, but they will not do anything about it!

So, since that creidt card listed there is no longer active, I can't even let Innogear know what my new card ifo is, of the original link that I (stupidly) posted would then display the new card info!!!

I'm letting you all know this because it could happen to you to. I asked Innogear to not display my full credit card info (It should only be showed at time of placing order to confirm the number IMHO), and they would not change the field attributes on the credit card fields of the webpage...

gggrrrrrr...

Posted by LarryN on 08-18-2000 11:32 PM:

Cool

*** Update ***

Innogear has informed me that they have corrected this security issue with their site, and having cancelled my credit card (awaiting replacement), there were no new charges posted to it.

On the good news side... They are sending me a no-charge 64mb MiniJam in ice color! So, for the trouble, I guess I'm pretty satisfied.

Once I talked the the correct people, they were verry helpful.
All times are GMT. The time now is 06:18 AM.
Show 20 posts from this thread on one page

Powered by: vBulletin Version 2.3.4
Copyright © Jelsoft Enterprises Limited 2000 - 2016.