Splitcoaststampers.com - the world's #1 papercrafting community
You're currently viewing Splitcoaststampers as a GUEST. We pride ourselves on being great hosts, but guests have limited access to some of our incredible artwork, our lively forums and other super cool features of the site! You can join our incredible papercrafting community at NO COST. So what are you waiting for?
I just tried to go to the www.creativexpress.com and there is a message that it has been hacked by someone in Turkey that hates USA and Israel. I know many of us have ordered from them, just hoping that they did not get any information when they hacked it. Maybe Daven can tell us if that it would have been possible for them to get any thing when they hacked into the server. I am a little worried because I have ordered from them several times. I tried to call Creative Xpress but they are closed until Tuesday so they probably do not even know about it yet. Anyone else know what the possibilty is that they did get into their database?
Wow, that is scary indeed. I don't recall myself ever ordering from them, but I hope for everyone else, that they didn't get any financial data from you all.
Wow - that is way creepy - I really hope they didn't get anyone's personal info - what a sick and stupid thing to do - I mean what purpose could it serve to hack a site like that? :???:
DO NOT go and visit the site to see what is happening. I was considering it (not too computer savvy) but thought since my dh isn't home I should look into if it was safe (don't laugh at me LOL).
According to PC World.com, the hackers can install all sorts of software on your computer if you visit the hacked site.
My dh is a computer guy. He looked at it, and says that it appears that the registered domain name expired, so the hackers took it. The server and the data stored on it is probably okay.
It is alarming to see stuff like this.
__________________ Alice
[COLOR="DeepSkyBlue"]>^..^
My dh is a computer guy. He looked at it, and says that it appears that the registered domain name expired, so the hackers took it. The server and the data stored on it is probably okay.
It is alarming to see stuff like this.
Did he spell the name right when he checked? It is creative Xpress with only 1 e instead of Creative Express. Do you think that he would mind checking again. They do a big business and are owned by Provocraft so I believe that they are a reliable company. When I go into my history file and go to some of their other pages, they are still there but some of the links take you back to the scary page.
I checked some of my email and found their address. It is in Spanish Fork, Utah. Looked that up on UT Better Business Bureau and it shows that they also go by Provocraft and Roberts Arts and Crafts and other names.
Please post if he checks it again. To me it looks like some of the webpages have been replaced like the home page, the email link and some of the links work perfectly fine. If they lost the domain name, none of the website could be accessed, could it? Let us know and thanks to your husband for checking.
I just called the FBI office in Utah and let them know, told them since they probably wouldn't be in until Tuesday we were a little concernd. And with the whole hate everyone thing, it can't hurt to be too careful.
Anyway, don't visit the site, hopefully they can shut it down.
He did have two 'e' in the name when he looked it up. Poop! He has changed his mind about what may have happened. Some of the pages are still working. But there are also 175 unregistered 'customers' connected right now. So, either a a lot of SCS people are looking, or there are more than one hackers there. :-(
Hopefully, the customer database is on a server seperate from their web server.
__________________ Alice
[COLOR="DeepSkyBlue"]>^..^
Thanks to myhappyplace and to 2katjes. I am sorry if anyone has gone to that site and it created a problem with your computer. I did not even think about that being a problem because I use a Macintosh and Macs rarely are ever get hit with anything like that. When I saw the page I was shocked and then I remembered that so many people on here have bought from them. i wanted to warn everyone so that you could be aware of what was happening. My concern was that they may have our credit info and did not even think that the site might do something to PC's. Maybe the FBI will get in touch with the owners and we can find out if any info was breached or if the hacker programmed anything into the site.
They sell lots of stuff. Sizzix, provocraft, tons of stamping and scrapbooking stuff. Sometimes they have some really great sales. It would be a good idea for everyone who has ordered from them to contact the credit card company that they used and make them aware of it, then watch your statement closely for a long time. Also make sure that your virus protection is up to date.
Wow, I hate that my very first post is something like this.
I have never ordered from this company, so I don't know the answer to this. Return customers, when you go back to the site and sign in to order, do you have to re-enter your credit card information or does it pop up automatically? There's a good chance if you have to re-enter your information that they aren't storing that information in their customer database. I don't know if that will ease the anxiety or if it will make it worse!
How big is the company? We keep our databases and our web servers separately, different machines, so if one goes down or gets hacked, the other is safe - though I'd much prefer a web hack to a SQL hack. Many smaller companies don't host their own web sites, shopping carts, and databases because the programs and hardware are expensive and pretty technical to operate properly. If their servers are hosted with a good company, the databases should be on different servers than the web sites.
I hope for everyone who ordered from them that the database with any personal information is kept apart from the web pages and that the information is safe. This should be a lesson to everyone who runs an online store - security and safety of customer data needs to be a very high priority.
I order online all the time and except for a few store cards, I try not to ever check the box that says "Save my credit card information". Always look at the URL to make sure the site uses SSL (there will be https:// in the URL, not http://) and look at the bottom bar to make sure there is a little lock because they can fake the https: thing. I guess this is a good lesson to never put your SSN onto the internet either.
Wow, this is scary. I order from EBB and Addicted to Rubber Stamping a lot. I wish hackers would put their skills to better use.
What a shame. They are a great company and I've ordered from them before. I just checked my credit card online and there's no suspicious activity. I'll also be watching my email account because I get their email newsletter every week. Man, this sucks! I sure hope they get this resolved quickly. I can't imagine the amount of business they are going to lose in the meantime. :(
DH is looking at the code of the hacked page right now. He says it appears that although the hacker had the technology (software) to hack, it's not advanced code. In other words, they had the tools but didn't really know what they were doing. More than likely there was a weak password somewhere that was easy to get past and they got in.
So, let that be a reminder to all of us to use text AND numbers in our passwords, and to not make them easy to crack.
Everyone, please do check your with your respective cc company on Tuesday and request they keep a watch on your usage for abnomalities, but let's not start a panic. My DH is in computers, too. I trust what he says implicitly.
Has anyone spoken to Provo Craft or have an update?
I have ordered from them in the past. I also got an email from them which I read a couple days ago. Not being computer savy, I'm afraid to check the site but have concern about my personal data.
My husband is a computer geek and runs his own business from our home, so we have blockers and firewalls up the wazoo. So, I was brave and went to Creative Express's site (easier to get forgiveness than permission, I say!!). Below is what is now on their main page. Figured I cut and paste to help others feel more secure. HTH
From CreativeExpress.com homepage on 9-5-06:
Dear Customers,
As you may already know, our site was hacked by someone foul-mouthed in the name of "world peace". We apologize for what you may have seen and ask for your patience while we remove all traces of this hacker and replace everything they deleted. Unfortunately this person thought our site should be filled with their message, so there's a lot of work for us to do. We will try to fix all this as soon as possible, but it is hard to say just how long this will take.
Undoubtedly you have many questions. Let us start by saying that your sensitive information is 128 bit encrypted data, which is 100% secure. Rest assured there is nothing for you to worry about. If you would like to place an order, you can call us at 1-800-563-8679. Our customer service is running as normal, but under the circumstances you may have to call more than once to get through.
Due to this intrusion, the CX Design Call deadline will be extended 48 hours once we�ve restored the community, and we are back up and running as normal. We will announce inside the Xpressions forums when the extended 48_hour submission timeframe will begin (once that time is determined). This extended deadline will effect our candidate review process and therefore delay our announcement of the winners. This intrusion has not changed the way you submit your entry.
If you emailed your Design Team Entry by Saturday, September 2nd at midnight MST, it has been received and no further action is required on your part. If your entry was sent after this time, you will need to wait for the community to be restored and then resubmit your entry.
Thank you for your understanding and patronage. Creative Xpress
__________________ ~Barbara
Wife to the most wonderful man in the world - he sits through all my "look what I made!" sessions!
oh, and after hitting the submit button, realized I added the extra "E" in the web name, but the info really came from them at http://www.creativexpress.com/
Geez, one of those days...
__________________ ~Barbara
Wife to the most wonderful man in the world - he sits through all my "look what I made!" sessions!
No problem. What hubby doesn't know.... ;) and that would include the password coded copy of my stamping inventory... He's better off not knowing the value lurking in my office!! LOL
__________________ ~Barbara
Wife to the most wonderful man in the world - he sits through all my "look what I made!" sessions!
Just thought I'd let you know I just checked their site again and their online store and gallery are back up and running. I'm headed back there to check them out some more. Just so sad for them and all the business I'm sure they lost over the weekend.
__________________ ~Barbara
Wife to the most wonderful man in the world - he sits through all my "look what I made!" sessions!
Creative Xpress Hacked
