Home > Canada, tech > Was Infonec Hacked?

Was Infonec Hacked?

The situation

I use a separate unique e-mail address with almost every company / entity that I deal with. This helps me identify the source of any spam or unauthorized sales of my e-mail address because the only groups that know said addresses are myself and the individual company I am dealing with.

For example, I use a unique e-mail address for this WordPress account. So if I hypothetically started receiving spam urging me to “Enlarge your *****” at that e-mail address, I know that either WordPress was hacked or they sold my address.

Fast Forward To Today

I received messages indicating that someone opened and closed a PayPal account under the e-mail address known to only myself and Infonec.

How did they get my address? You connect the dots.

At the very least, I think that all people with accounts at Infonec should change their passwords.

Categories: Canada, tech Tags: ,
  1. Jeff
    June 9, 2011 at 7:36 am

    I just had the same happen to me around midnight on today, June 9th — someone registered a Paypal account using the e-mail address I registered with at Infonec. The name used on Paypal was nonsensical, with a gibberish street address located in New York, zip code 10011. I first received an e-mail from Paypal notifying me that my account was closed, with the “welcome to Paypal” message following 12 minutes later. The account, however, is most definitely closed now, as I can’t retrieve the password associated with the e-mail address.

    • June 9, 2011 at 4:19 pm

      Thanks for the reply, Jeff. My PayPal e-mails came around 7:30 AM on June 7th, but otherwise the experience was identical to what you described.

  2. Ken
    June 9, 2011 at 3:35 pm

    Dear customer,
    Once we got an email from our customer, we have opened a ticket and investigate the issue. Our IT engineers have checked our server logs and no sign of intrusion to our web server, however, we found some security holes on our email blasting server that our customer email addresses might be compromised. We are very sorry about the problem and we have already retired this old mail server and migrate the eblast service to a new server.
    We would recommend all our customer to update their password frequently in order to protect your privacy.

    Infonec Computers Management

    • June 9, 2011 at 4:19 pm

      Ken, thanks for the update on the situation. I changed my password.

  3. Jeff
    June 10, 2011 at 8:48 am

    Thanks, doesitblog and Ken. I can’t figure out the attacker’s modus operandi in opening and then immediately closing Paypal accounts. The only thing that makes sense to me is that he figured that many of the e-mail addresses on Infonec also had Paypal accounts attached to them, some of which would be using the same password as on Infonec. Perhaps Paypal limits the rate at which one can attempt to login to different accounts, but overlooked the ability to perform the same function by attempting to create an account with a certain e-mail address and then seeing whether the attempt succeeds or fails with a “duplicate e-mail address” error. This would, of course, require that the attacker compromised Infonec passwords as well as e-mail addresses, and it doesn’t explain why he’d go to the trouble of closing the accounts for which there was no existing account.

    Regardless, I don’t think we’re at any great risk — this incident seems more a curiosity than anything. Amusingly, I just received an e-mail from Paypal asking me for feedback on why I closed my account. There doesn’t seem to be a “someone fished out my e-mail address from a hacked customer database, tried to break into the non-existent Paypal account using that address, and then closed the useless account” option.

  1. October 9, 2012 at 6:16 pm
  2. February 10, 2013 at 12:44 pm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: