Security breach play.com

22-03-2011, 10:38

Hi just recieved an email from play.com to say their systems have been compromised and certain customers emails and names may have slipped out.

Dear Customer.

Email Security Message

We are emailing all our customers to let you know that a company that handles part of our marketing communications has had a security breach. Unfortunately this has meant that some customer names and email addresses may have been compromised.

We take privacy and security very seriously and ensure all sensitive customer data is protected. Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved.

Please be assured we have taken every step to ensure this doesn’t happen again and accept our apologies for any inconvenience this may have caused some of you.

Customer Advice

Please do be vigilant with your email and personal information when using the internet. At Play.com we will never ask you for information such as passwords, bank account details or credit card numbers. If you receive anything suspicious in your email, please do not click on any links and forward the email on to privacy@play.com for us to investigate.

Thank you for continuing to shop at Play.com and we look forward to serving you in the future.

Play.com Customer Service Team

OH dear

. Just posting in case anyone has not seen this.

BenMcr · 22-03-2011, 10:40

Just as well I use a unique email address for play.com Will be able to see where any Spam emails come from

Hom3r · 22-03-2011, 10:45

Becareful this could be a scam and not from play.com

This is the header I get

Quote:

Delivered-To: my email addy
Received: by 10.43.63.84 with SMTP id xd20cs13625icb;
Mon, 21 Mar 2011 16:00:07 -0700 (PDT)
Received: by 10.151.43.15 with SMTP id v15mr4392782ybj.170.1300748407185;
Mon, 21 Mar 2011 16:00:07 -0700 (PDT)
Return-Path: <v-ejcege_fiodecco_kghklao_kghklao_a@bounce.newslette rs.play.com>
Received: from mail1274c.newsletters.play.com (mail1274c.newsletters.play.com [74.112.64.38])
by mx.google.com with ESMTP id p5si15057377ybk.8.2011.03.21.16.00.04;
Mon, 21 Mar 2011 16:00:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of v-ejcege_fiodecco_kghklao_kghklao_a@bounce.newslette rs.play.com designates 74.112.64.38 as permitted sender) client-ip=74.112.64.38;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of v-ejcege_fiodecco_kghklao_kghklao_a@bounce.newslette rs.play.com designates 74.112.64.38 as permitted sender) smtp.mail=v-ejcege_fiodecco_kghklao_kghklao_a@bounce.newslette rs.play.com
Received: by mail1274c.newsletters.play.com (PowerMTA(TM) v3.5r16) id hgvc7e0iiksj for my email addy; Mon, 21 Mar 2011 18:55:27 -0400 (envelope-from <v-ejcege_fiodecco_kghklao_kghklao_a@bounce.newslette rs.play.com>)
Date: Mon, 21 Mar 2011 18:55:27 -0400 (EDT)
From: "Play.com" <info@play.com>
Reply-To: info@play.com
To:my email addy
Message-ID: <28465150.102901231300748127168.JavaMail.?@rbg03.pd kp1>
Subject: Important: Email Security Message
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_36685_27335354.1300748124270"
x-mid: 4793444
List-Unsubscribe: <mailto:v-ejcege_fiodecco_kghklao_kghklao_a@bounce.newslette rs.play.com?subject=Unsubscribe>

is

Return-Path: <v-ejcege_fiodecco_kghklao_kghklao_a@bounce.newslette rs.play.com>

a valid play.com address?

BenMcr · 22-03-2011, 10:46

Not sure how it's a scam. There is nothing in it asking for information, and the only e-mail address in it is a valid play.com one

It has also gone to the correct email address I used for play.com as well

Hom3r · 22-03-2011, 10:51

Quote:

Originally Posted by BenMcr

Not sure how it's a scam. There is nothing in it asking for information, and the only e-mail address in it is a valid play.com one

It has also gone to the correct email address I used for play.com as well

True but if you get any emails from "play.com" asking you to click on a link, DON'T. Goto the play.com site via you own explorer.

Graham M · 22-03-2011, 10:52

Quote:

Originally Posted by Hom3r

Becareful this could be a scam and not from play.com

This is the header I get

is

Return-Path: <v-ejcege_fiodecco_kghklao_kghklao_a@bounce.newslette rs.play.com>

a valid play.com address?

Looks like it, it goes to an account on the play.com domain

BenMcr · 22-03-2011, 10:53

Quote:

Originally Posted by Hom3r

True but if you get any emails from "play.com" asking you to click on a link, DON'T. Goto the play.com site via you own explorer.

Had no plans to lol

Kymmy · 22-03-2011, 11:10

It's a genuine email..

Moved to the Security forum

dilli-theclaw · 22-03-2011, 12:35

More info

http://www.theinquirer.net/inquirer/...ecurity-breach

22-03-2011, 13:19

this information is often leaked/sold by data collecting companies. Most of us in one way or another are on such a list somewhere. This info can net those selling it quite a bit of money.

There is always a option to tick when you register anywhere 3rd party blar blar some is a tick to opt in and other ( the crafty ones) are tick to opt out which means if you aint read it properly and assume its a tick giving permission your data is on a list

Sky for example is an opt out company you actually have to deny permission or by default your info is shared

22-03-2011, 20:22

More info here at BBC News

deadite66 · 22-03-2011, 20:40

Interestingly gmail let this through without flagging as spam.
related to the play email leaks?

[img]Download Failed (1)[/img]

Toto · 22-03-2011, 21:07

Quote:

Originally Posted by deadite66

Interestingly gmail let this through without flagging as spam.
related to the play email leaks?

Probably because the spam email was sent over a compromised network that has a valid SPF record. Google will give a lot of positive weight to a spam or phishing email if it has SPF:PASS in the header.

Kymmy · 22-03-2011, 22:09

Another email from PLAY.COM

Quote:

Dear Customer,

As a follow up to the email we sent you last night, I would like to give you some further details. On Sunday the 20th of March some customers reported receiving a spam email to email addresses they only use for Play.com. We reacted immediately by informing all our customers of this potential security breach in order for them to take the necessary precautionary steps.

We believe this issue may be related to some irregular activity that was identified in December 2010 at our email service provider, Silverpop. Investigations at the time showed no evidence that any of our customer email addresses had been downloaded. We would like to assure all our customers that the only information communicated to our email service provider was email addresses. Play.com have taken all the necessary steps with Silverpop to ensure a security breach of this nature does not happen again.

We would also like to reassure our customers that all other personal information (i.e. credit cards, addresses, passwords, etc.) are kept in the very secure Play.com environment. Play.com has one of the most stringent internal standards of e-commerce security in the industry. This is audited and tested several times a year by leading internet security companies to ensure this high level of security is maintained. On behalf of Play.com, I would like to once again apologise to our customers for any inconvenience due to a potential increase in spam that may be caused by this issue .

Best regards,

John

John Perkins
CEO
Play.com

Hom3r · 22-03-2011, 22:31

I got the second email, and OK I was wrong, but better safe than sorry.

---------- Post added at 22:31 ---------- Previous post was at 22:16 ----------

If you get any suspicious emails that appear to come from Play.com

Quote:

It has also requested that any suspicious messages be forwarded to privacy@play.com.

I tend to only get 3 emails from them IIRC

1. General promo's
2. Order placed/received
3. Order dispatched.

And I spend a LOT of cash there, and will continue to do so.