GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Digital Playground.com Hacked Credit Card Data Stolen. (https://gfy.com/showthread.php?t=1060217)

Brujah 03-07-2012 10:45 AM

Maybe it is pretty old, the emails they posted were from 2009/2010.

DVTimes 03-07-2012 11:03 AM

i wonder why they did not email webmasters to tell them.

DVTimes 03-07-2012 11:04 AM

Quote:

Originally Posted by DVTimes (Post 18808340)

they still are not working.

NaughtyRob 03-07-2012 11:24 AM

I hate when this shit happens. It makes surfers lose trust even more in joining paysites.

AsianDivaGirlsWebDude 03-07-2012 06:40 PM

From AVN:

Quote:

UPDATED - DigitalPlayground.com Victim of Huge Security Breach
Mar 07th, 2012

VAN NUYS, Calif.?DigitalPlayground.com, the flagship website of its namesake studio, was the subject of a massive security breach from a hacking collective calling itself TheConsortium, which exposed more than 73,000 email addresses, usernames and passwords of the site?s members.

DigitalPlayground.com is the third Manwin property to fall victim to hackers in short succession. YouPorn.com and the Brazzers forum also were recently hacked, but no credit card data was involved, making this breach particularly concerning.

?We did not set out to destroy them but they made it too enticing to resist,? the hacking group posted. ?So now our humble crew leave lulz and mayhem in our path. We not only have the 72k users of this site but also over 40k plaintext credit cards including ccvs, names and expiry dates.?

AVN obtained a copy of the database allegedly obtained by the group, and it contains email addresses, usernames and passwords for 73,342 people. Various versions of the list have been posted to online message boards.

The hackers did not dump all the information they claim to have acquired, but did post two redacted versions of credit card info from customers that correspond to the customer list, according to DataBreaches.net.

According to Th3Consortium, it hacked 27 admins? names, usernames, e-mail addresses, and encrypted passwords; 85 affiliates? usernames, plaintext passwords, and in some cases, IP addresses; and 82 .gov and .mil e-mail addresses with corresponding plaintext passwords.

DigitalPlayground.com currently is online but not accepting new members and its members area is temporarily inacessible. JesseJane.com, a Digital Playground-run site, is not resolving at this time.

The scope of this hack raises many questions, such has how the hackers were able to obtain credit card information since all the billing for membership to DigitalPlayground.com appears to be done through a third party processor.

Currently, all billing inquiries are being directed to a third party processor called Net Support. AVN called the number and was told that the company was brought on to deal with the aftermath of the breach, and that all members who try to log on to DigitalPlayground.com are being directed to customer support.

Previously, it looks as if Digital Playground used NATS, and within that program worked with a cascade of billers that included DHD Media, CCBill, NETBilling, Epoch and NetCash. The number of processors raises additional questions regarding the ability of hackers to attain the 44,000 complete credit card numbers that is being claimed.

UPDATE

Digital Playground has issued the following statement to AVN:

Due to an alleged security breach, Manwin elected to temporarily shut down Digital Playground, and related websites, on March 5, 2012.

Manwin officially took over Digital Playground and related assets on March 1, 2012, and according to allegations, the potential breach may have occurred prior to that date.

The safeguard and non-disclosure of private and confidential information is always a priority at our company, and management is supervising all aspects of this situation.

In addition, our customer service department has been in contact with Digital Playground members to inform them of the next steps.

Customers will not be billed while the site is inactive, and have been offered free access to a Manwin owned property of their choice during this time period.
Digital Playground.com Victim of Huge Security Breach

Some fairly prompt damage control with regards to the Members. I hope that they catch the culprits.

ADG

19teenporn 03-07-2012 07:59 PM

Good, DP rejected me as an affikate. Fuck DP!

mikesouth 03-07-2012 08:16 PM

Hey Theo....Yer welcome LOL....

journalism 03-07-2012 08:30 PM

WOW!! Get those cards and bang them all!! hahaha!! What a big loss! Kidding!!

Barry-xlovecam 03-07-2012 08:58 PM

This is a Trifecta of very disturbing news.

gabe100 03-07-2012 10:12 PM

From DP's Twitter:

We made the movie Pirates, but fight internet pirates...

Reading the damage last night how they attacked every single server one by one and laughed about. Amazing.

ShellShocked 03-07-2012 10:31 PM

Did DP send anything to their affiliates letting them know the site isn't taking signups?

vsex 03-08-2012 07:07 AM

bad luck has a tendancy to hit everyone at some point. Getting people to use their credit cards online was tough enough without this kinda shit scaring them.

Nick-Mindgeek 03-08-2012 08:08 AM

Quote:

Originally Posted by ShellShocked (Post 18810522)
Did DP send anything to their affiliates letting them know the site isn't taking signups?

We will absolutely cover any loss in joins to match any webmasters daily average over the past few months.

Please get in touch with me and shortly as the site is back up ; we will add any missing revenues.

Thank you

jay23 03-08-2012 08:48 AM

As a software developer this is some thing I cant understand. This is not unique to DP, I think the hack into Sony gaming network also found people storing PW / CC info in clear. It takes 1 line of code to do a MD5 hash.



Quote:

Originally Posted by venus (Post 18808288)
why is credit card info stored on the server in the first place, this was a requirement from visa/mastercard when sites had to be tested awhile back for compliance. Anyone storing credit card info on their servers is wrong. They give us all a bad name and will run off future customers because they cannot trust adult sites. They were totally wrong for storing CC info and I am sure visa will have issue with them.


ladida 03-08-2012 11:46 AM

Quote:

Originally Posted by jay23 (Post 18811152)
As a software developer this is some thing I cant understand. This is not unique to DP, I think the hack into Sony gaming network also found people storing PW / CC info in clear. It takes 1 line of code to do a MD5 hash.

How would you re-bill if it was hashed irreversibly ? :P
I agree it should not be cleartext, but if they're rebilling or something similar, it has to be reversible.

firequartz 03-08-2012 11:46 AM

Neeko ... I'm more concerned about the 85 affiliate accounts that here hacked/acquired/whatever ... what can you tell us about that? Will you/have you contacted the affected affiliates to at least let them know their affiliate accounts were compromised?

Quote:

Originally Posted by neeko (Post 18811080)
We will absolutely cover any loss in joins to match any webmasters daily average over the past few months.

Please get in touch with me and shortly as the site is back up ; we will add any missing revenues.

Thank you


jack-exploitedbabysitters 03-08-2012 12:45 PM

funny thing i wanted to signup to digital playground site the other day to check out their content, glad i didn't now

pradaboy 03-09-2012 06:19 AM

Quote:

Originally Posted by ShellShocked (Post 18810522)
Did DP send anything to their affiliates letting them know the site isn't taking signups?

Fuck no, I have to come here to find out wtf happened. Only noticed now that my links have been going nowhere.

jay23 03-09-2012 07:25 AM

Quote:

Originally Posted by ladida (Post 18811606)
How would you re-bill if it was hashed irreversibly ? :P
I agree it should not be cleartext, but if they're rebilling or something similar, it has to be reversible.

It should be AES. Just dont store the key in the PHP file which I have seen more then once :-)

firequartz 03-09-2012 07:40 AM

I see the affiliate site is back up, but apparently they changed all the login passwords .. which makes sense .. still no official notice from Manwin/DP to affiliates about what's going on and what to expect though ...

pstation 03-09-2012 08:04 AM

also to rebill you definitely do not need to store the cvv2, billing address, etc. all that you need is the # and expiration date.

Paul Markham 03-09-2012 08:52 AM

Lightning doesn't strike in the same place twice. And for sure not 3 times in a short period of time.

Either Manwin have seriously pissed someone, with the ability to hack into their servers, or they have a mole. No not the little cute furry kind.

What ever the lack of damage control and limitation here is something you would expect of me. After they were hacked the first time, alarm bells should of been ringing, second time someone needs to get it fixed ASAP.

If it happens again????????????????

Quote:

Originally Posted by DVTimes (Post 18809282)
i wonder why they did not email webmasters to tell them.

Do you need an answer or was it a rhetorical question?

SZNY 03-09-2012 09:07 AM

It was the talk of the day in Barcelona. Hope they can fix it, Digital Playground is a nice brand

Zoxxa 03-09-2012 09:27 AM

Quote:

Originally Posted by Roald (Post 18808401)
WOW thats must hurt them big time

Freeones affiliate u/p was in that list.

pstation 03-09-2012 10:02 AM

what really sucks for them I suppose is that they pretty much lost all of their rebills.

considering everyone that has their cc info stolen will need to cancel their cards and I can't imagine most people signing back up

porno jew 03-09-2012 10:13 AM

since they own 95% of the porn industry of course most hack attacks are going to hit them.

since you are a moron so you can't understand that.

Quote:

Originally Posted by Paul Markham (Post 18813282)
Lightning doesn't strike in the same place twice. And for sure not 3 times in a short period of time.

Either Manwin have seriously pissed someone, with the ability to hack into their servers, or they have a mole. No not the little cute furry kind.

What ever the lack of damage control and limitation here is something you would expect of me. After they were hacked the first time, alarm bells should of been ringing, second time someone needs to get it fixed ASAP.

If it happens again????????????????



Do you need an answer or was it a rhetorical question?


lucas131 03-09-2012 10:14 AM

so where is megaupload link to the full dump? :)

AsianDivaGirlsWebDude 03-09-2012 02:29 PM

Quote:

Originally Posted by Paul Markham (Post 18813282)

Lightning doesn't strike in the same place twice. And for sure not 3 times in a short period of time.

Either Manwin has seriously pissed someone off, with the ability to hack into their servers, or they have a mole. No not the little cute furry kind.

Read this elsewhere:

Quote:

The Tarot cards last year were telling us there'd be downsizing and layoffs (at Digital Playground). There'll be more to come with other companies. Porn has always worked on the pork barrel principle, and now it's time to get lean and mean.

Meanwhile Mike South writes: I posted previously about DP releasing Kay Brandt, Others were involved and at this time I have verified who they were via inside sources.

Peggy as previously noted was released but not because of the website breach, Peggy was over DVD sales. Also released was her sister Sue, Samantha Lewis (Yes you read that right) and Farley who headed up the websites.

They were all told by the new owners, Manwin that their jobs were secure not to worry, then on last Thursday they were all blindsided by the layoffs.

Word is the axe is coming on three of the contract girls as well.

http://www.trekp.com/posters/gw210-disgruntled.jpg

A possible good old fashioned disgruntled employee revenge motive for the leak(?)...hmmm - wouldn't be the first time.

ADG

Roald 03-09-2012 02:37 PM

Quote:

Originally Posted by Zoxxa (Post 18813366)
Freeones affiliate u/p was in that list.

yeah, been in contact with manwin already about it.

Nick-Mindgeek 03-09-2012 03:16 PM

Quote:

Originally Posted by firequartz (Post 18813127)
I see the affiliate site is back up, but apparently they changed all the login passwords .. which makes sense .. still no official notice from Manwin/DP to affiliates about what's going on and what to expect though ...

Hey Firequartz,

The email went out. In a nutshell ; all passwords have been reset. Please use the 'forgot password' to receive the new pass and get in and adjust your account.Other than that, we will compensate all affiliates for lost revenue taking daily average earnings over the past 2 months.

If there are any questions about this or anything else ; please contact me directly. I am always available via email around the clock.

Looking into the future : Some amazing tools for all affiliates coming up! Your DP revenue will explode in the near future :thumbsup

Thanks!

AsianDivaGirlsWebDude 03-09-2012 10:03 PM

Quote:

Originally Posted by pstation (Post 18813453)

what really sucks for them I suppose is that they pretty much lost all of their rebills.

considering everyone that has their cc info stolen will need to cancel their cards and I can't imagine most people signing back up

http://static.techspot.com/images/te...er_hacking.jpg

Over 40,000 people will have to cancel their credit cards and manually re-sign up? :helpme :Oh crap

How many people will sign up again with a company that caused their data to be compromised in the first place?

ADG

firequartz 03-10-2012 08:05 AM

Neeko .. I haven't received an email .. and yes I checked my junk mail filters ...

and I see it's down again anyway ...

pornmasta 03-10-2012 12:15 PM

Quote:

Originally Posted by Roald (Post 18808401)
WOW thats must hurt them big time

http://zone-h.org/mirror/id/17184557

btw check for freeones in this page

porno jew 03-10-2012 12:27 PM

Quote:

Originally Posted by pornmasta (Post 18815147)
http://zone-h.org/mirror/id/17184557

btw check for freeones in this page

yup some gfy'ers on there.

pornmasta 03-10-2012 12:45 PM

they should audit the security of their other websites before it is too late...

alias 03-10-2012 12:49 PM

Thanks for posting so we can check if our passwords were released pornmasta.

Theo 03-10-2012 12:53 PM

I have yet to see any evidence that CC data were compromised.

pornmasta 03-10-2012 01:04 PM

"72,000 customers" >> how many hits to send to get this amount of customers ???

pornmasta 03-10-2012 01:15 PM

So http://www.alexa.com/siteinfo/digitalplayground.com#
page rank = 23935
So it makes something like 100000 visitors per day.

"72,000 customers" <<<

I don't promote digitalplayground, but let's say that their conversion ratio is 1/1000 (that's pretty good).
I means that it would make 100 new sales per day ???

720 days to reach it ?
I don't think that the average member stays 720 days.
So they have to store CC numbers of old customers in their servers ? (stored in clear text !)

Something is wrong in this story...

and they need to be their own billing processor... (that's probably wrong)

So i guess they have been hacked long time ago....

porno jew 03-10-2012 01:20 PM

Quote:

Originally Posted by pornmasta (Post 18815227)
So http://www.alexa.com/siteinfo/digitalplayground.com#
page rank = 23935
So it makes something like 100000 visitors per day.

way off.


All times are GMT -7. The time now is 10:10 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123