Originally Posted by Chris

I've read the replies in this thread, and it seems there has been lots of confusion as to what the whole deal was.

the "bug" that was reported, was initially thought out to be a system that will enable sellers that ship an actual product have a confirmation of the shipping address. It was a documented feature, as someone pointed out. the information enclosed was limited to a few fields as shown above, and it wasn't a hack. This also has nothing to do with any id's, those could not be accessed. We know that's a fear for many account holders.

This was conceived long ago and overlooked since. This feature was never or close to never used until now. Due to everyone's concerns about privacy, etc., we have decided to eliminate this part of our system as soon as it was brought to our attention on another public forum, which was not very long before this thread appeared. it was fixed immediately, the issue was dealt with before the gfy thread. We would have appreciated it if the person who realized it would have told us prior to making it public specially since it was already repaired. Once more, this information was mistakenly shared, it wasn't a leak and no hacking took place. This could have been used by somebody knowing the exact email address of a paxum member and using the IPN feature for sellers/buyers and even in that case all you could obtain was the shipping information for a paxum member. To make an analogy it is about the same information paypal or ebay provides when you make a purchase.

As far as Ruth is concerned, in the first replies before asking for the ticket number she had no idea that it was a feature that was already closed and thought like many people supposed that it is another false rumor that paxum is not secure or has been hacked like we see those false statements every other month. Then Ruth reacted a bit harshly as someone tried to obtain her information and make it public her replies were not about the matter at hand with the part of the IPN feature that was closed down. This is obviously not in the spirit of helping us improve our service, and she felt personally attacked by some of the comments specially when she provided a test account for people to try to reproduce the "bug" in order to improve our system. Everyone has a job to do, but when you become the target of what seems to be someone's personal vendetta, spirits heat up. Once again, we would have appreciated the user's comments way before this was blown out of proportion and not jump on boards making half documented accusations about things that we don't have a crystal ball in order to assume what the poster wanted to refer to exactly.