Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
PureVPN Hacked - Fake Email Regarding Service Closure
10-06-2013, 09:54 AM, (This post was last modified: 10-06-2013, 10:02 AM by sujay.)
#1
PureVPN Hacked - Fake Email Regarding Service Closure
PureVPN, a renowned VPN service providor sent an email to all its customers regarding urgent service closure due to legal notice. In that mail it was mentioned that they have handed over all customer details to the concerning authority. It was also told that they will not be able to refund your money as their bank account is frozen and you have to open a dispute on PayPal or file a chargeback with your credit card company to get your money back.
I become shocked especially because all the customer details was handed over. I immediately went to their website and found that I was unable to login. I contacted their online reptresentative who assured me that the service was hacked and due to that hacking attempt or DDoS attack their security system has blocked the access of all users client area. He also told that an assurance email will be sent as soon as they get hold on the problem.

[Image: image.jpg]

Original mail
Quote:Dear customer,

I'm sorry to inform you that due to an incident we had to close your account permanently. We are no longer able to run an anonymization service due to legal issues we are facing.

We had to handover all customer’s information to the authorities unfortunately. They might contact you if they need any details about the case they are working on. The following information was handed over: your name, billing address and phone number provided during purchase and any documents we had on file (for example scan of your ID or driver’s license if you have provided these to our billing department).

We are also sorry we are not able to refund you, however if you wish your money back, please open a dispute on PayPal or file a chargeback with your credit card company. This is the only way we can refund you as our bank account is frozen during this investigation. We recommend you to do this as soon as possible as we can't guarantee all customers will get their money back.

We apologize once more this had to happen.

Yours sincerely,
Uzair Gadit
PureVPN founder
Response of Customer Representative
Quote:Please ignore the email, due to some hacking attempt or DDoS attack our security system has blocked the access of all users client area but you may use the VPN service. Please retry after a short while. All your details are safe and you will be sent an email regarding the same

Although, they have given you assurance, it is recommended to change your passwords once you are able to access your account panel.

 
Like Post Reply
10-06-2013, 10:37 AM,
#2
RE: PureVPN Hacked - Fake Email Regarding Service Closure
it is fake .actually customer database leaked
Like Post Reply
10-06-2013, 11:27 AM, (This post was last modified: 10-06-2013, 11:28 AM by itspurevpn.)
#3
RE: PureVPN Hacked - Fake Email Regarding Service Closure
Hi Guys!

Thank you for your support here!As our blog and twitter confirmed it was a fake email sent to PureVPN Customers.

However, our VPN service is functioning 100% fine and there is no interruption whatsoever.While we are further investigating the actual cause. Please check out our blog for further clarifications and updates:http://www.purevpn.com/blog/fake-email-t...-update-1/

We are also keeping our customers updated every minute through our Twitter channel. Please follow us on twitter @purevpn for further updates.

Thank you everyone!
PureVPN Team!
 

(10-06-2013, 09:54 AM)'sujay' Wrote: PureVPN, a renowned VPN service providor sent an email to all its customers regarding urgent service closure due to legal notice. In that mail it was mentioned that they have handed over all customer details to the concerning authority. It was also told that they will not be able to refund your money as their bank account is frozen and you have to open a dispute on PayPal or file a chargeback with your credit card company to get your money back.
I become shocked especially because all the customer details was handed over. I immediately went to their website and found that I was unable to login. I contacted their online reptresentative who assured me that the service was hacked and due to that hacking attempt or DDoS attack their security system has blocked the access of all users client area. He also told that an assurance email will be sent as soon as they get hold on the problem.

[Image: image.jpg]

Original mail
Quote:Dear customer,

I'm sorry to inform you that due to an incident we had to close your account permanently. We are no longer able to run an anonymization service due to legal issues we are facing.

We had to handover all customer’s information to the authorities unfortunately. They might contact you if they need any details about the case they are working on. The following information was handed over: your name, billing address and phone number provided during purchase and any documents we had on file (for example scan of your ID or driver’s license if you have provided these to our billing department).

We are also sorry we are not able to refund you, however if you wish your money back, please open a dispute on PayPal or file a chargeback with your credit card company. This is the only way we can refund you as our bank account is frozen during this investigation. We recommend you to do this as soon as possible as we can't guarantee all customers will get their money back.

We apologize once more this had to happen.

Yours sincerely,
Uzair Gadit
PureVPN founder
Response of Customer Representative
Quote:Please ignore the email, due to some hacking attempt or DDoS attack our security system has blocked the access of all users client area but you may use the VPN service. Please retry after a short while. All your details are safe and you will be sent an email regarding the same

Although, they have given you assurance, it is recommended to change your passwords once you are able to access your account panel.

 

 
Like Post Reply
10-06-2013, 08:12 PM, (This post was last modified: 10-06-2013, 08:14 PM by sujay.)
#4
RE: PureVPN Hacked - Fake Email Regarding Service Closure
Dear orgish, I am not sure about that but as itspurevpn said, that shouldn't be the case. I have also got that clarification mail which explains the current case.
Quote:Dear User,

Hope you are doing well and enjoying PureVPN's services.

This morning some of our users have received a fake email and we are sending this note as a clarification. We are NOT closing down nor do we have outstanding legal issues of any sort. We have neither been contacted by any authorities nor do we store our user's personal data to share with anyone.

....

Status of the VPN service:
Our VPN service is working 100% OK. You may continue using our VPN service which is secure to the highest possible levels of encryption.

Status of Billing Portal / Client area:
While we are investigating the issue, we've temporarily disabled everyone from logging into the billing portal / client area.

We'll shortly be communicating further updates.

Sincerely,
Uzair Gadit, Co-founder.
On behalf of The PureVPN Team.

 
Like Post Reply
10-06-2013, 09:45 PM,
#5
RE: PureVPN Hacked - Fake Email Regarding Service Closure
Only Email addresses and names are leaked.
Quote:Dear User,

We are writing this email to give you 'Second Major Update' on PureVPN Fake Email Issue.

Our VPN service is functioning 100% fine and there is no interruption whatsoever. While we are investigating the cause of the email, we reemphasize that, as we do not store any of our users credit card nor PayPal information in our on-site databases, there has been no compromise in our users billing information. Similarly, service troubleshoot logs (connection attempts, users IPs, etc) are safe and intact as we do not store such logs on site. Furthermore, as we vouch for privacy, security and anonymity on the internet, hence we do not store actual VPN service usage logs.

Preliminary reports suggest that we are hit with a zero day exploit, found in WHMcs; 3rd party CRM that we use on our website: http://blog.whmcs.com/?t=79427 

We are able to confirm that the breach is limited to a subset of registered users Email IDs and names.
Like Post Reply
10-07-2013, 10:21 PM,
#6
RE: PureVPN Hacked - Fake Email Regarding Service Closure
Third Update
Quote:Dear Users,

This is going to be a short update on the matter.

In wake of the hack attempt we have been continuously testing our systems for any further possible security lapses. It been more than 36 hours now since the incident and we want to reassure our valued users that all systems including the Client area, Billing Systems, Support center as well as all the systems of the VPN service including the VPN servers are functioning 100% well. Although never affected, load on the VPN service is usual and we are thankful to our valued users for their understanding and cooperation.

The user database breach that occurred yesterday, due to a security exploit found in the 3rd party application WHMcs, has been identified as an isolated breach that compromised Email IDs and names of a subset of our registered users. We repeat no billing information such as Credit Card or other sensitive personal information was compromised.

Our conclusive investigation report is near completion and We are just waiting on the involved 3rd party services to confirm a few aspects related with their system. We deeply regret this compromise and apologize with our valued users. We further believe we'll learn from our mistakes and grow even stronger. Once the investigation report is out, we'll be announcing compensation for the affected users.

................


Best Regards,

Uzair Gadit, Co-founder.
On behalf of The PureVPN Team.
Like Post Reply
10-17-2013, 11:30 AM, (This post was last modified: 10-17-2013, 11:30 AM by sujay.)
#7
RE: PureVPN Hacked - Fake Email Regarding Service Closure
Final update....
Quote:Dear PureVPN Clients,We would like to start by accepting complete responsibility for the unfortunate incident that happened on October 6th, 2013. As one of the biggest VPN provider, PureVPN combats all sorts of malicious attacks and cyber crimes in its' various forms. Our hard working staff is at work 24 hours a day, 365 days a year with a mission to defeat what's bad for millions of innocent internet users world over. Unfortunately, there are times when the bad, thanks to the zero day exploits, gains some upper hand to be able to momentarily disrupt those hard efforts. Hard reality is that, this war between the good and the bad is never ending. Our friends at Google, Apple, Microsoft, Adobe, Facebook, Twitter and others despite having best resources at their disposal all face such short lived defeats but only to grow stronger. Now it's our time to grow stronger.Our engineers and the security team have worked round the clock, extensively auditing all systems, during the past 8 days to bring this conclusive report out today to our valued users. Although the fix for what was obvious was applied within a few hours, we kept on investigating for the root cause which we hereby present to our valued users.On 4th Oct 2013 the hacker, using a Romanian IP address was able to exploit a bug in WHMcs, the 3rd party billing and ticketing solution that we use on our website, and ran several SQL injection queries to compromise a few tables including "tblclients", "tbladmins" and "tblconfiguration". The hacker obtained users info (mainly name and email) including hashed passwords (i-e not in a readable form but in an irreversible encrypted form) but obviously couldn't compromise the sensitive billing information (Credit Card or PayPal information) as it's NOT stored on the on-site database. User passwords are also stored using MD5 + (salt) encryption which is essentially irreversible. Although not an imminent threat we encourage our users to reset their passwords as a precautionary measure.The hacker, knowing that (s)he got a short time window, was not able to compromise the complete users database rather when (s)he reached approx 70,000 clients (s)he moved on to the mass mail stage. Using the same exploit the hacker was able to compromise our SendGrid account access information, the 3rd party SMTP we use for transactional emails, which is stored in WHMcs in the same database (tblconfiguration). After illegally obtaining Email IDs and our SMTP account credentials, the hacker accessed our SendGrid account, imported the Email IDs, created a newsletter and sent the fraudulent mass mail on 6th Oct 2013 at 10:26 HKT (GMT+8).Further and thorough audit on our VPN systems has confirmed that there was absolutely no breach on the VPN network and throughout the incident our VPN service continued to operate securely. No technical usage data was compromised and since we do not store users activity logs, our users are hereby assured of full anonymity and security throughout.We have learned several of our mistakes and have started taking measures immediately to prevent this from happening again in the future. As a token of our continued commitment to our clients, we are offering compensation. Details of the compensation are as follows:
  • Affected clients who have subscribed for Annual subscription will get 5 weeks of free service.
  • Affected clients who have subscribed for Semi-Annual subscription will get 3 weeks of free service.
  • Affected clients who have subscribed for Monthly subscription will get 2 weeks of free service.
If you are an affected user and haven't received the compensation email, kindly create a support ticket here after logging into your Client Area.Again, we accept complete responsibility for what has happened but we are determined to continue our fight against the bad. The war will go on.Sincerely, Uzair Gadit, Co-Founder,On behalf of The PureVPN Team.
Like Post Reply




Users browsing this thread: 1 Guest(s)

Contact Us | Insights in Technology | Return to Top | | Lite (Archive) Mode | RSS Syndication

Bookmark and Share