DitchTheLabel white vending machine

Accipiter · 25-05-2014, 11:08 AM

Why are Ditchthelabel commenting about payment details being stored when its quite clearly Shipping details being leaked. Looks like they'll be having to ditch their label to avoid this kind of damage!

Matt · 25-05-2014, 11:08 AM

Don't know if i'd buy the tank top. Wrist bands could be something that a lot of people buy. I won't be buying anything lol, sounds a bit dodgy with all these random peoples details D:

Michael · 25-05-2014, 11:52 AM

Looks like the store is on maintenance break now, but I thought they said there was no problem.. right..

sex · 25-05-2014, 12:04 PM

some nasty habbos have my mobile number because of thiS data leak and keep ringing my phone and shouting abuse an saying nasty things and are looking for goldbars to stop

and this campaign was suppose to STop bullying?

**GoldenMerc** · 25-05-2014, 12:08 PM

Originally Posted by sex

some nasty habbos have my mobile number because of thiS data leak and keep ringing my phone and shouting abuse an saying nasty things and are looking for goldbars to stop

and this campaign was suppose to STop bullying?

that'd be me

- - - Updated - - -

Originally Posted by DitchtheLabel

Hi guys,
Thank you for your posts. At Ditch the Label, we use industry standard software to process all of our orders. Payment details are processed individually through PayPal and are not stored on our server. The software that we use for our online store is also used by a large proportion of other organisations. We have no evidence whatsoever so suggest any security breach or site wide glitch.

Please be aware that we have also never received any orders from a customer called 'Brendan', as shown in the above screenshot. If you do genuinely experience a glitch that auto fills the details of a different customer, we would strongly advise that you contact us immediately.

Whilst our website logs show no indication of this error, we will, as is routine procedure be launching a complete investigation and would encourage any users who think that they are effected to send over screenshots and more information to [email protected].

Many thanks,

Eleanor Alford
Ditch the Label

Just had a look on your shop url here;
http://www.ditchthelabel.org/store

So your using a theme called Leisure that can be found here;
http://themeforest.net/item/leisure-responsive-opencart-theme/3014002

Using OpenCart (Which is poor by itsself!);
http://www.opencart.com/

Clearly people's details have been leaked, I cannot see why you can't own up to it. Do a blog post saying why its happened (because OpenCart is poor software and is one of the lower range's of free software. I mean there is woocommerce out there;
http://www.woothemes.com/woocommerce/

Which is beyond anything you can possibly pay for, Its updated so often I struggle to keep up with, But hey id rather be secure than anything like this ever happening.

Also taking Paypal as a method is a baddddd move, Prepare for Habbo losers to revert on you.
Should only really take Stripe;
https://stripe.com/gb

Which is brilliant software that allows you to take payments such as Debit, credit cards from anywhere in the world. SECURELY, PayPal also recently got hacked afaik along with eBay.

I mean im assuming you paid for this advertisement from Habbo, Surely you'd check all these kind of things? You've bought a $40 theme, some web hosting and thought meh it'll be fine...

passion · 25-05-2014, 12:35 PM

Quoted their post so it is not edited and or removed. I have also saved a hard copy to my desktop whilst I decide my plan of action.

Let me quote from Ditch The Label's representative, "the software that we use for our online store is also used by a large proportion of other organisations. We have no evidence whatsoever so suggest any security breach or site wide glitch." So, their argument is that because other, more reputable, sites use the software they use that they are devoid of any blame.

Should that be the case (it isn't...) then why have they taken down the store part of their site *after* making that ridiculous post. Oh, because they realise that not only is this breach breaking the law, denying the fact there is a flaw breaks the law also. Of course, it is good news they are trying to fix it but having this issue in the first place and then denying it is disgusting.

To make things worse, they try and belittle a user who attached a screenshot. Their argument? That they have no proof of such a name on their systems. Yes, we have already realised that your systems are flawed, dangerous and ineffective so that statement is truly baffling. Using a broken system to corroborate with your point smacks of desperation.

Anyway, for anyone who believes their information has been stolen. United Kingdom law states that Ditch The Label must keep all information secure. Something they have failed to do. Also, when such a breach happens they are by law required to, a recovery plan, including damage limitation; assessing the risks associated with the breach; informing the appropriate people and organisations that the breach has occurred; and reviewing your response and updating your information security. They are required to inform people this has happened... which they have so far failed to do. In fact, they have done the exact opposite.

Yet, Sulake are still promoting them, presumably because it's a Sunday. This partnership will surely be terminated in the next couple of days and we can all forget that such an unprofessional company were ever here.

e5 · 25-05-2014, 12:55 PM

I assume if people tried to revert payment, they'd be permanently banned by Habbo until they paid, but still DTL should use a more secure system for payment. I was fully ready to put my card details in until paypal was the only option, but now glad that I didn't if any kind of details were getting released

DitchtheLabel · 25-05-2014, 01:31 PM

Hi guys,
Thank you for all of your posts and for bringing this to our attention. Just a quick update to let you know that we have temporarily taken the store offline as a safety precaution so that we can investigate this further. Please do be assured that no payment details are stored on our server and all orders are made through a secure connection, using industry standard software. If anybody has any concerns, please do feel free to contact us directly via [email protected].

We will update you all on our progress.

Thanks,

Jon Cross
Ditch the Label

e5 · 25-05-2014, 01:36 PM

Originally Posted by DitchtheLabel

Hi guys,
Thank you for all of your posts and for bringing this to our attention. Just a quick update to let you know that we have temporarily taken the store offline as a safety precaution so that we can investigate this further. Please do be assured that no payment details are stored on our server and all orders are made through a secure connection, using industry standard software. If anybody has any concerns, please do feel free to contact us directly via [email protected].

We will update you all on our progress.

Thanks,

Jon Cross
Ditch the Label

I think the concern is more the delivery information is being leaked rather than payment information...

Accipiter · 25-05-2014, 01:46 PM

Originally Posted by DitchtheLabel

Hi guys,
Thank you for all of your posts and for bringing this to our attention. Just a quick update to let you know that we have temporarily taken the store offline as a safety precaution so that we can investigate this further. Please do be assured that no payment details are stored on our server and all orders are made through a secure connection, using industry standard software. If anybody has any concerns, please do feel free to contact us directly via [email protected].

We will update you all on our progress.

Thanks,

Jon Cross
Ditch the Label

Nobody is talking about payment information it's shipping details / personal details that are being leaked.

Thread: DitchTheLabel white vending machine

Thread Tools

Posting Permissions