Jump to content


- - - - -

Videogamesplus.ca hacked?


#1 Cthulhu8u   That Innsmouth look CAGiversary!   1802 Posts   Joined 10.6 Years Ago  

Posted 20 January 2012 - 02:42 AM

I just saw this on Joystiq

http://www.joystiq.c...recommends-pas/

Earlier today it was reported that VideoGamesPlus.ca had been hacked and 21,000 customers' account details were posted for all to see. Eurogamer obtained an email from the company to customers saying the site is "currently investigating a security issue" and is recommending folks to change their passwords.


I know at least a few Canadians shop there, possibly online, so head's up if you didn't know.

#2 firehawk12   CAGiversary! CAGiversary!   509 Posts   Joined 11.4 Years Ago  

firehawk12

Posted 20 January 2012 - 03:10 AM

Yeah, the passwords were protected with md5 so they're easily retrievable. A lot of Euros use the site for importing, so they're probably effected as well.

Either way, change your passwords everywhere if you used the same password there as you do on your other sites.

#3 TronB   CAGiversary! CAGiversary!   410 Posts   Joined 11.3 Years Ago  

Posted 20 January 2012 - 03:12 AM

Thanks for the heads up, I'm changing passwords ASAP.
Posted Image

#4 dotCody   The night is dark... and full of terrors. CAGiversary!   922 Posts   Joined 7.3 Years Ago  

Posted 20 January 2012 - 03:17 AM

Jesus, VGP just needs to shut down.

#5 Heartless18   CAGiversary! CAGiversary!   130 Posts   Joined 8.9 Years Ago  

Heartless18

Posted 20 January 2012 - 04:19 AM

VGP hasn't even acknowledged this yet. Horrible service, especially if people's accounts were compromised.

#6 Mr.   CAGinese! CAGiversary!   863 Posts   Joined 9.7 Years Ago  

Posted 20 January 2012 - 04:45 AM

I've only bought from their physical store... mainly a white DualShock 3.

#7 Robotron2084   CAGiversary! CAGiversary!   122 Posts   Joined 11.9 Years Ago  

Robotron2084

Posted 20 January 2012 - 05:08 AM

I read about this days ago on vg247...should have posted it (duh).
VGP has said nothing and has ignored the issues. I couldn't cancel my account so I just changed all my personal info to crap.

They informed no one of this which sickens me because it gave the thieves more time to spread the data around. I visited a few places where they were sharing the info and using it to hack other online stores. Didn't see my info but VGP doesn't have my current info and I use different passwords for everything.

VGP will never get my business again.

#8 Robotron2084   CAGiversary! CAGiversary!   122 Posts   Joined 11.9 Years Ago  

Robotron2084

Posted 20 January 2012 - 05:16 AM

motherf@#$@%

I just grabbed the info file. I'm in there. My new email too which I do not remember using.
great...off to change all my online accounts.

#9 Derfel   CAGiversary! CAGiversary!   1226 Posts   Joined 14.2 Years Ago  

Posted 20 January 2012 - 05:18 AM

Maybe you guys didn't see the e-mails in your spam folders; I received four e-mails from them alerting me of a possible security breach and a recommendation to change my password, but they all ended up in my spam folder for some reason.

Not that that makes this any better, of course. I'm certainly not impressed at my personal info being leaked.
Posted Image

#10 Robotron2084   CAGiversary! CAGiversary!   122 Posts   Joined 11.9 Years Ago  

Robotron2084

Posted 20 January 2012 - 05:35 AM

Maybe you guys didn't see the e-mails in your spam folders; I received four e-mails from them alerting me of a possible security breach and a recommendation to change my password, but they all ended up in my spam folder for some reason.

Not that that makes this any better, of course. I'm certainly not impressed at my personal info being leaked.


Like some others I didn't get an e-mail. Nothing in my spam folder. VGP newsletters always show up in my mailbox anyway, but there was nothing from them about this to me.

#11 Eoyote   DLC - Disc Locked Content CAGiversary!   323 Posts   Joined 9.8 Years Ago  

Posted 20 January 2012 - 06:20 AM

I haven't received an email from them either. It has been posted on their blog, though: http://vgplus.blogspot.com/2012/01/important-customer-notice.html

#12 OmegaChaos   CAGiversary! CAGiversary!   1148 Posts   Joined 6.8 Years Ago  

OmegaChaos

Posted 21 January 2012 - 12:11 AM

Damn, better change my password. Does anyone know how to change your password on there? Everytime I change my password on Edit Account, it doesn't save.

Edited by OmegaChaos, 21 January 2012 - 12:36 AM.


#13 djsaiyan   CAGiversary! CAGiversary!   440 Posts   Joined 8.9 Years Ago  

djsaiyan

Posted 21 January 2012 - 12:54 AM

I have received e-mails from VGP, and there are posts on their Facebook page and Twitter.

They've definitely acknowledged the problem.

#14 Jimbob88   CAG Veteran CAG Veteran   5 Posts   Joined 6.5 Years Ago  

Jimbob88

Posted 21 January 2012 - 04:17 AM

Damn, better change my password. Does anyone know how to change your password on there? Everytime I change my password on Edit Account, it doesn't save.


I'm having the same problem. It doesn't matter what account information I change, it will not save.

#15 hitokirix   CAG Veteran CAG Veteran   6 Posts   Joined 8.8 Years Ago  

Posted 21 January 2012 - 04:24 AM

Damn, better change my password. Does anyone know how to change your password on there? Everytime I change my password on Edit Account, it doesn't save.



I had the same problem so I ended up using the password forgotten option for now and emailed them about the issue.
Posted Image

#16 OmegaChaos   CAGiversary! CAGiversary!   1148 Posts   Joined 6.8 Years Ago  

OmegaChaos

Posted 21 January 2012 - 07:04 AM

Yeah, I ended up using the "Forgotten Password" option for now. I guess since you emailed them about the issue, it will get fixed soon.

#17 ragnar14   CAGiversary! CAGiversary!   2005 Posts   Joined 11.7 Years Ago  

Posted 21 January 2012 - 10:15 AM

motherf@#$@%

I just grabbed the info file. I'm in there. My new email too which I do not remember using.
great...off to change all my online accounts.


Hey, I never thought to look at that. ... Yep, I'm on it too. Good thing I went and changed my passwords already. Pretty annoying as I mostly use the same password for smaller retail sites.
Posted Image

#18 TronB   CAGiversary! CAGiversary!   410 Posts   Joined 11.3 Years Ago  

Posted 21 January 2012 - 04:36 PM

I'm too scared to look at the list (well, maybe scared isn't the right word. It would make me feel so uneasy to see all my info publicly exposed), I'm just assuming I'm on it. I never really thought a site I went to would get hacked, but now I'm not taking any chances, so I've started to use LastPass.

I haven't received an email or anything from VGP yet....I would have never known about this if it weren't for this thread. :/
Posted Image

#19 denpanosekai  

denpanosekai

Posted 21 January 2012 - 05:37 PM

tell me your email I'll confirm it for you then.

No but seriously -- everyone's info is on there.

#20 dotCody   The night is dark... and full of terrors. CAGiversary!   922 Posts   Joined 7.3 Years Ago  

Posted 21 January 2012 - 06:19 PM

And of course my shit is in the file. I should have never used VGP two years ago -.-

#21 JamesSoprano   CAGiversary! CAGiversary!   578 Posts   Joined 9.1 Years Ago  

JamesSoprano

Posted 21 January 2012 - 08:05 PM

I'm sorry to hear that Everyone :( tho your info was taken i hope nothing bad happens after this to anyone with Identity or CC usage.

#22 Stanger31   CAG Veteran CAGiversary!   49 Posts   Joined 8.1 Years Ago  

Stanger31

Posted 21 January 2012 - 09:48 PM

They SAY that no credit card information was stored in the same manner this information was stored... According to their blog. But do I trust them? Not a chance, I'm one of the numerous on here who did not receive an email notifying me about this major security breach.

I check my email numerous times daily (junk folder included) and nothing, I always get their advertisements in my inbox - so why wouldn't I get this email?

In either matter, atleast you can dispute fraudulent credit card claims if your CC info was compromised.

I had a fake date of birth listed for mine, I would suggest this for anyone else anytime they sign up for any site/service.

Good luck to all, hope no one has to deal with anything bad from this issue.

#23 Derfel   CAGiversary! CAGiversary!   1226 Posts   Joined 14.2 Years Ago  

Posted 21 January 2012 - 10:17 PM

They SAY that no credit card information was stored in the same manner this information was stored... According to their blog. But do I trust them? Not a chance, I'm one of the numerous on here who did not receive an email notifying me about this major security breach.


You can find the file with all the information online; it doesn't have any credit card info listed. It's name, birthdate, e-mail, phone number, hashed password.

I imagine this information was probably already leaked for those who have PSN accounts when that hack occurred (myself included), but it's somehow extra-alarming to see the results of these hacks yourself...
Posted Image

#24 OmegaChaos   CAGiversary! CAGiversary!   1148 Posts   Joined 6.8 Years Ago  

OmegaChaos

Posted 21 January 2012 - 10:58 PM

The only time I've ever used VGP, was when I bought Valkyria Chronicles for 20$. Also, good thing I don't use the same passwords on the sites I go on.

#25 Tarto   CAG Veteran CAG Veteran   1 Posts   Joined 8.2 Years Ago  

Posted 22 January 2012 - 01:25 AM

The only time I've ever used VGP, was when I bought Valkyria Chronicles for 20$. Also, good thing I don't use the same passwords on the sites I go on.


I never could understand why people did that. Lazy as I am, I never considered doing it as its just like asking to be screwed over the second it ends up in the wild, so to speak.

#26 OmegaChaos   CAGiversary! CAGiversary!   1148 Posts   Joined 6.8 Years Ago  

OmegaChaos

Posted 23 January 2012 - 06:17 AM

I could never understand it either. I always write down my passwords if I ever forget them.

#27 mkrowe   CAGiversary! CAGiversary!   188 Posts   Joined 11.3 Years Ago  

Posted 23 January 2012 - 01:59 PM

Thanks jeffx for confirming that I was in the file... I too never got an email from them, and check my junk folder before emptying it. I also have them on my approved senders since I have ordered from them and get their newsletters. I only re-used that password at a couple non-ordering sites, but still annoying all the same.


#28 Robotron2084   CAGiversary! CAGiversary!   122 Posts   Joined 11.9 Years Ago  

Robotron2084

Posted 24 January 2012 - 12:15 AM

I use a different password for every place I go, but generally the same e-mail for my online purchasing. If my e-mail ends up on a "hacked" list (or possible hack...hello Sony) then I dump that e-mail and create a new one.

I recommend a PasswordCard for passwords. It's a great idea and it makes it easier since you can have many different passwords attached to one card and it avoids standard words that are easier to hack.
http://www.passwordcard.org/en

#29 ZubZub   CAG Veteran CAGiversary!   31 Posts   Joined 7.4 Years Ago  

Posted 24 January 2012 - 05:12 AM

Arrg.... I just signed up on Thursday. I also didn't find out about the hacking until visiting CAG. I would have not made a purchase otherwise. Or perhaps I should've done more research! I had looked at the site plenty of times before and it seemed ok... I'm trying to change my info but it's not saving either. Oh, if I wasn't such a cheap ass gamer, I would have just bought my games from Amazon or somewhere for more money! Well, I would've canceled my order but they say my items have shipped :/

#30 dotCody   The night is dark... and full of terrors. CAGiversary!   922 Posts   Joined 7.3 Years Ago  

Posted 24 January 2012 - 07:04 AM

Oh, if I wasn't such a cheap ass gamer, I would have just bought my games from Amazon or somewhere for more money!


Ok... even though I've found most products on VGP to be overpriced, but whatever...