Jump to content
jammie82uk

Official Club Notice | Your Data May Have Been Compromised

Recommended Posts

6 minutes ago, Beechey said:

If what @UniFox21 is saying is true, and it's just a record of a purchase, then really, card details should not be in danger here - most stores will keep a note of some card information (mostly for say, end user records: "You bought x item for £x using card ending in 1234", and of course, administration bank end uses), but not enough to mimic that card (always no security pin, and most of the time no expiration dates). I'm curious to know precisely what has been lost here.

It's what I'm assuming, given unless you go to store your card info online  (wouldn't recommend doing that), that there's no need for them to store the full number or 3 digits given the bank has your approval for the transaction. 

 

It's always good to take the recommended precautions when this type of thing happens, but panic isn't needed

Link to post
Share on other sites
Just now, UniFox21 said:

It's what I'm assuming, given unless you go to store your card info online  (wouldn't recommend doing that), that there's no need for them to store the full number or 3 digits given the bank has your approval for the transaction. 

 

It's always good to take the recommended precautions when this type of thing happens, but panic isn't needed

It's basically as we thought.

 

From the Privacy Policy:

“Financial Data”, which comprises your bank account and payment card details.

 

a) Processing your order In processing any order which you place with us, we will use your Identity Data, Contact Data, Financial Data, Transaction Data, Profile Data and Marketing and Communications Data in order to provide you with our products and services, which includes managing, processing and dispatching your orders as well as processing payments. We will also use this information to keep adequate records of your past purchases, as well as to contact you regarding your order. All Financial Data processed via our website will be encrypted.

 

I'd still like to know exactly what it is they store, though - purely out of curiosity.

  • Like 1
Link to post
Share on other sites
6 minutes ago, Beechey said:

It's basically as we thought.

 

From the Privacy Policy:

“Financial Data”, which comprises your bank account and payment card details.

 

a) Processing your order In processing any order which you place with us, we will use your Identity Data, Contact Data, Financial Data, Transaction Data, Profile Data and Marketing and Communications Data in order to provide you with our products and services, which includes managing, processing and dispatching your orders as well as processing payments. We will also use this information to keep adequate records of your past purchases, as well as to contact you regarding your order. All Financial Data processed via our website will be encrypted.

 

I'd still like to know exactly what it is they store, though - purely out of curiosity.

 

Exactly, companies are sceptical about storing too much sensitive data given if they are hacked, they can be at fault for so much damage otherwise. There's no need to store more than needed when it comes to making sure they're getting paid.

 

Like i said, no need to panic, but if you're worried having bought in that period, then contact your bank. They'll talk you through what the steps are. Better to be safe than sorry with these things.

 

I'd love to know what they store, just to be nosey as well. 

 

 

Mods - can we highlight the quoted post? This type of info should stop people panicking straight away after hearing "bank details" and "compromised".

Edited by UniFox21
  • Like 1
Link to post
Share on other sites
32 minutes ago, Beechey said:

The attack you're mentioning is an injection attack (specifically XSS). If this has occurred I'm even more concerned about whoever is developing this website than before, because they're one of the simplest attacks to avoid, and one of the most common attacks.

 

I really hope it's not the case.

 

If what @UniFox21 is saying is true, and it's just a record of a purchase, then really, card details should not be in danger here - most stores will keep a note of some card information (mostly for say, end user records: "You bought x item for £x using card ending in 1234", and of course, administration back end uses), but not enough to mimic that card (always no security pin, and most of the time no expiration dates). I'm curious to know precisely what has been lost here.

where were you on the night of the hack, son?

Link to post
Share on other sites
1 hour ago, LinekersApples said:

I was robbed of 9.5m in the early noughties

 

£5m on Ade Akinbiyi, £3m on Matthew Jones and £1.5m on Trevor Benjamin

 

Mr.P Taylor (Dagenham)

Don’t understand comment regarding Matt Jones, he was one of our better players until he got injured and had to retire.

Link to post
Share on other sites
22 minutes ago, Vulpine Victor said:

Don’t understand comment regarding Matt Jones, he was one of our better players until he got injured and had to retire.

True, although I can’t really remember and was more based on 3m for less than 30 games. 

 

Maybe not robbery, but certainly not value for money. 

Link to post
Share on other sites
  • 1 month later...

Got called from 01162294401 earlier claiming she was from LCFC, asking me if I wanted to renew my membership. Don’t usually give details over the phone so ended the call. That number isn’t on the club’s website and if you search google with LCFC it returns zero.

 

My details weren’t involved in the hack so I wonder if it IS a scam, it might be the same people going down the list of contact details they weren’t able to get card details from...

 

Anyone else had this? Just be wary....

 

PS, yes I have emailed the club.

Link to post
Share on other sites
1 hour ago, urban.spaceman said:

Got called from 01162294401 earlier claiming she was from LCFC, asking me if I wanted to renew my membership. Don’t usually give details over the phone so ended the call. That number isn’t on the club’s website and if you search google with LCFC it returns zero.

 

My details weren’t involved in the hack so I wonder if it IS a scam, it might be the same people going down the list of contact details they weren’t able to get card details from...

 

Anyone else had this? Just be wary....

 

PS, yes I have emailed the club.

Just came on here looking for this... My phone was turned off, I have got a voicemail at 7 pm from the same number. Message was similar, using my first name and saying the club have introduced new benefits for the upcoming season's membership and would like the opportunity to discuss it with me. I think it's legitimate and it's the club trying out a new (slightly desperate) marketing strategy, but it'd be interesting to know what the club replies.

Link to post
Share on other sites
1 hour ago, brucey said:

Just came on here looking for this... My phone was turned off, I have got a voicemail at 7 pm from the same number. Message was similar, using my first name and saying the club have introduced new benefits for the upcoming season's membership and would like the opportunity to discuss it with me. I think it's legitimate and it's the club trying out a new (slightly desperate) marketing strategy, but it'd be interesting to know what the club replies.

Can't imagine that'll be genuine. Don't remember the club asking specifically for telephone consent, so if they haven't, that'd be outside of Data Protection law.

 

On the issue itself, even if you've let them store the card details, no way would (should) they keep the security number on the back. That'd be madness. Also, companies aren't just skeptical of taking too much information (trust me 95% of employees don't understand that idea), it's written into Data Protection law that you should only take what you need, so you'd be stupid to get info you don't need.

 

You can tell I work in Data Governance... It's code for need to get a life

 

  • Thanks 1
Link to post
Share on other sites
18 minutes ago, urban.spaceman said:

E718531E-D6A9-407D-90EF-275ECBA7BD47.thumb.jpeg.9f157f78c3219d80a4d2d54a21b613c1.jpeg

Cheers. Bit dodgy with GDPR then. Just logged into my account and found the opt in/out preferences which I'm sure wasn't there when first signing up years ago. They were blank so I've never opted in. Opted out of calls now.

Link to post
Share on other sites
4 hours ago, brucey said:

Cheers. Bit dodgy with GDPR then. Just logged into my account and found the opt in/out preferences which I'm sure wasn't there when first signing up years ago. They were blank so I've never opted in. Opted out of calls now.

Remember you had to re-register when the new website was launched and the options have been there since then 

Link to post
Share on other sites
  • 1 year later...
On 27/06/2019 at 19:06, urban.spaceman said:

Got called from 01162294401 earlier claiming she was from LCFC, asking me if I wanted to renew my membership. Don’t usually give details over the phone so ended the call. That number isn’t on the club’s website and if you search google with LCFC it returns zero.

 

My details weren’t involved in the hack so I wonder if it IS a scam, it might be the same people going down the list of contact details they weren’t able to get card details from...

 

Anyone else had this? Just be wary....

 

PS, yes I have emailed the club.

 

Did you ever confirm whether this number was from LCFC in the end? Just missed a call from the same number myself and found this thread from Google.

 

I can see you posted an image later in the thread but it's not showing now - must've been lost somehow in the last year.

Link to post
Share on other sites
1 hour ago, Basingstoke Fox said:

 

Did you ever confirm whether this number was from LCFC in the end? Just missed a call from the same number myself and found this thread from Google.

 

I can see you posted an image later in the thread but it's not showing now - must've been lost somehow in the last year.

From memory, the image showed an email reply from Jim confirming that call was indeed from the club. I got the same call from that number. 

  • Like 1
Link to post
Share on other sites
2 hours ago, Basingstoke Fox said:

 

Did you ever confirm whether this number was from LCFC in the end? Just missed a call from the same number myself and found this thread from Google.

 

I can see you posted an image later in the thread but it's not showing now - must've been lost somehow in the last year.

I'm afraid my LCFC memory is shite unless you want me to tell you who scored the winner against Barnsley in 1998.

 

(It was Zagorakis)

  • Like 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...