Club reg hacked. PCA members beware !
#1
Team Owner
Thread Starter
Club reg hacked. PCA members beware !
I absolutely hated this when it came out . But we all had to sign up for a new service to make the clubs job easier. It has now become a nightmare for all the users. I mean I understand as the club grows it gets more difficult to manage. The reason they have not carved it up into smaller chapters is a discussion for another day , but I see it coming with more and more dealers opening ( Oakville, London North Toronto ) .
Anyhow it has been completely hacked and decrypted and your log on credentials are out there. I am not sure how well this organization was vetted security wise before PCA jumped into bed with them. Now it means changing all other passwords in your life that used the same credentials.
Seen very little leadership from the club so far on this on this so thought I would let everyone know who may have missed the email .
Extremely disappointed but it is what it is I guess.
Anyhow it has been completely hacked and decrypted and your log on credentials are out there. I am not sure how well this organization was vetted security wise before PCA jumped into bed with them. Now it means changing all other passwords in your life that used the same credentials.
Seen very little leadership from the club so far on this on this so thought I would let everyone know who may have missed the email .
Extremely disappointed but it is what it is I guess.
#3
Where you getting this from? No mention of this on ClubRegustration or PCA sites.
#4
It has come to our attention that ClubRegistration.net's user list has been stolen. Some of you may have received an email containing a demand of funds. This is a fraudulent email.
Our user list is encrypted but the hackers were successful at decrypting our data. We have updated our servers and site security in response to this breach. ClubReg does NOT have access to your credit card or medical information. That information does not exist on our servers. Event payments are handled by a third party merchant account only.
We recommend that you update your login credentials on any other site where the username and password are the same as ClubReg. As a good practice we suggest that your ClubReg username and password be unique. If you need assistance changing this information please contact our office at 512-273-5016. We apologize for any inconvenience this may cause you.
Thank you,
Chris Alvarado
ClubRegistration.net
Our user list is encrypted but the hackers were successful at decrypting our data. We have updated our servers and site security in response to this breach. ClubReg does NOT have access to your credit card or medical information. That information does not exist on our servers. Event payments are handled by a third party merchant account only.
We recommend that you update your login credentials on any other site where the username and password are the same as ClubReg. As a good practice we suggest that your ClubReg username and password be unique. If you need assistance changing this information please contact our office at 512-273-5016. We apologize for any inconvenience this may cause you.
Thank you,
Chris Alvarado
ClubRegistration.net
#6
I didn't get the email
Trending Topics
#8
Team Owner
Thread Starter
Thats why i shared the news, for those that may not have gotten or filtered the email
They mentioned it at tonights social.
"Just log on and change your password"
"Make sure everyone signs up who hasn't !! "
Seriously ??
They mentioned it at tonights social.
"Just log on and change your password"
"Make sure everyone signs up who hasn't !! "
Seriously ??
Last edited by theiceman; 08-15-2018 at 08:42 AM.
#9
Last edited by KLCC 88; 08-18-2018 at 08:01 AM. Reason: Autocorrect
#10
Rennlist Member
#13
Rennlist Member
I use unique passwords for each site...not necessarily complex, just unique. Anything can get hacked and does nowadays. If you are looking for an excuse to stop attending anything, you will find it. I enjoy many PCA gatherings, particularly ones that are held at a racetrack.
#14
They are not clear enough about passwords being compromised. Passwords should never be stored 'encrypted' - only a one-way fingerprint of it should bestored, and it had to be salted in a way that makes it extremely expensive in both computation and memory usage to try and brute-force guess.
Few services will store user information 'encrypted', but rather stored in a database with sufficient access controls. They only thing that could possibly encrypted is the auth passwords - but that would have been a foolish thing to do.
Few services will store user information 'encrypted', but rather stored in a database with sufficient access controls. They only thing that could possibly encrypted is the auth passwords - but that would have been a foolish thing to do.