 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Not trying to add fuel to the fire, could be mearly a coincidence. Check your credit cards people, I have 2 pending charges as of yesterday. One from Best Buy and one from Bell. None of which I do business with. Not saying it's from this suspected breach, but just giving a heads up. I'll be canceling my card today.
Delete
Thank you - please let us know what you find out!Originally Posted by CanAm
The exploit used is likely still active.
When updating your accounts, change all personal info to fake info and update to a gibberish password.
Your data is out there, but no reason to put in new info or a password you'll use anywhere just to have it stolen again.
Canada Ammo should be taking their website offline until resolved
Canada Ammo: you have legal obligations with a data breach that contains PII
https://www.priv.gc.ca/en/privacy-to.../gd_pb_201810/
Last edited by Pimpbob; 04-07-2022 at 04:43 PM.
Seems like phishing to me
would it be a good idea to cancel the credit card they had on file and request a new one from my bank or is that taking it too far?
“... and they who cried: “Appease, Appease!” are hanged by men they tried to please.”
You're insured.
Is the one on file past expiry?
If you don't have automatic charges it won't hurt you.
(First time poster, long time lurker)
I found the breach download and was able to grab a copy of it.
The database that was leaked appears to just be the "users" table.
"id,username,email,password,reset_pin,registration _date,last_login,confirmation,ip,role_id"
These are the headers of what was dumped.
The password is hashed via MD5 encryption, which is reversible in majority of cases, depending on what the password was.
From what I see, there is no personal data outside of emails, passwords, usernames, and ip addresses of accounts.
Change your passwords and all should be good!
Thank you I will pass this to the IT team(First time poster, long time lurker)
I found the breach download and was able to grab a copy of it.
The database that was leaked appears to just be the "users" table.
"id,username,email,password,reset_pin,registration _date,last_login,confirmation,ip,role_id"
These are the headers of what was dumped.
The password is hashed via MD5 encryption, which is reversible in majority of cases, depending on what the password was.
From what I see, there is no personal data outside of emails, passwords, usernames, and ip addresses of accounts.
Change your passwords and all should be good!
how do you reverse a hash without comparing it each time? Good digging!(First time poster, long time lurker)
I found the breach download and was able to grab a copy of it.
The database that was leaked appears to just be the "users" table.
"id,username,email,password,reset_pin,registration _date,last_login,confirmation,ip,role_id"
These are the headers of what was dumped.
The password is hashed via MD5 encryption, which is reversible in majority of cases, depending on what the password was.
From what I see, there is no personal data outside of emails, passwords, usernames, and ip addresses of accounts.
Change your passwords and all should be good!
Posting Permissions
