Dear QuantumListing Members: I am writing to let you know that hackers were able to breach the QuantumListing database and erase several user records and listings, however, since we don't collect p...
Dear QuantumListing Members:
I am writing to let you know that hackers were able to breach the QuantumListing database and erase several user records and listings, however, since we don't collect personal information, none has been stolen. This is the second time we've been the subject of a hack, and since this involved user records I thought it important to inform you. After the first attack, which only erased listings, we engaged SiteLock to help secure the site and prevent further breaches. Unfortunately, in the early hours this morning hackers were able to use a hidden back door and gain entry to the site and to delete additional listings and user names.
We have blocked the IP addresses from which the attack came and SiteLock has again scoured our site and assured us that any hidden points of entry have been removed. They have a firewall in place and monitor the site constantly to hopefully prevent a recurrence.
The only information in your registration profile is your User Name, phone, email address and website. Your passwords are encrypted, so we believe that information has not been compromised, but of course cannot be 100% certain. We would suggest that you take precautions, by changing passwords where you may have used the same password here as elsewhere. Many of you receiving this email were given accounts by us, and we created your original User Name and Password, in which case you would not need to change other passwords, but we still recommend you change your QuantumListing Password. The procedure for this is outlined below.
We don't collect any personal financial information such as social security numbers or credit card information, so you should not have any concern in that regard. Anyone who has a paid subscription made the payment through Apple's iTunes Store secure payment system and Apple does not share any of your personal information with us.
You can check to see if your user account is intact by emailing me at [email protected] Alternatively, you can open the app, log out from the Profile page (bottom right tab on the app screen), then try to log back in with your email and password. If it does not work, try registering again. If you encounter any difficulty, send me an email.
To change your password, open QuantumListing, tap the tab at the bottom right to go to the Profile screen. Then tap on Account, and Edit. Change your password and hit done. You may want to take this opportunity to make sure your Profile information is complete, and to add a Profile picture and short bio.
Unfortunately, the biggest downside to this episode is that the database was not backed up as regularly as it should have been, so when we finish the restoration of the database, many of your user records and listings will not have been restored. We are now implementing a more robust backup protocol.
The fact that far worse data breaches have occurred to the federal government and major corporations does not make it any easier for me to swallow that it has happened to QuantumListing. The feeling of unease and violation that results from this is extremely unsettling.
I apologize for this inconvenience. If you are having any trouble with the app, it may be because your user account has not been restored yet, or because it is not part of the back up and can't be restored.
We hope that you will continue to explore QuantumListing, and have it become one of the tools you use regularly to view, search, post and share your listings. We'll continue to make sure that site and database security are priorities and will try to stay a step ahead of the hackers. Do not hesitate to get in touch with any questions or concerns.
David Perlmutter is the author of the QuantumListing Blog and publisher of the QuantumListing App.