Page 1 of 2 12 LastLast
Results 1 to 25 of 39
  1. #1
    Merchant & ABW Ambassador
    Join Date
    May 31st, 2006
    Location
    Houston TX
    Posts
    4,731
    DFF office burglary notice
    Got this in my email.
    FYI. I am not working with Andrew but for those who are, just a heads up.

    Our office was burglarized, some server stolen and some data lost...
    At approximately 4:30am 1/22/07 Monday, I received several text messages of multiple server down. I also received a phone call 10 minutes later from the alarm company.

    Puting 1 + 1 together I realized I have a bigger problem than typical hardware failures.

    Once I arrived at the office I realized that we have been burglarized, some servers were taken (not all) along with many other things, because the burglars probably realized they only have a few minutes and it is difficult to remove servers from rackmount. Nevertheless we lost 6 servers within minutes which includes DFF main database server + DFF database log, file servers, search servers...

    We quickly tried to put another server together from spare parts and retrieve (remote location) backup which the only one we have was over 1 month old.

    The fact that the servers were stolen, it is a security concern, but I doubt anyone could figure out the password for the server to do anything with it. Most likely whoever have those server will sell if for parts on ebay. So please do not panic, our password was 12 characters long with letters and numbers.

    What was lost?
    1. Template styles are lost.
    2. All affiliate IDs settings / changes after 11/25/06.
    3. All support tickets.
    4. Merchant relationship after 11/25/06 are lost.
    5. URL schema settings are lost

    Please review and re-setup your Affiliate IDs and Merchant Relationships
    This week we will be working hard to put things back to normal.
    I really hate to spend time redoing things already done, but this is life and sometimes things like this happens. I hope everyone could understand and be a bit more patient as we work through this issue.

    We are now running on a temporary database server (not very fast one). I am ordering 2 new servers to replace the missing DFF database server. We hope to replace this temporary server sometime next weekend. Downtime will be expected for about 2 hours.

    Good lesson learned for us.. make more frequent remote site backup and secondary person performing remote backup during weekday.

    I sincerely apologize for your lost of time and inconvenience.

    Please reply to this email or call Andrew at 281-808-3698.

    Andrew Nurcahya
    Andrew@DataFeedFile.com

  2. #2
    MasterMike HardwareGeek's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,810
    Oh don't worry. LOL

    12 characters numbers and letters isn't going to stop someone if they want information.

    I have a 69 character password, numbers letters, symbols lower and uppercase and I'm not happy with it lol.

  3. #3
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Was thinking the same thing. Let's just hope the thieves are just that, thieves only. If they are tech experts, then it's wishful thinking that a password is going to stop them.

  4. #4
    Outsourced Program Manager
    Join Date
    January 18th, 2005
    Location
    Central Florida
    Posts
    1,619
    Oh man, here we go again.

  5. #5
    MasterMike HardwareGeek's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,810
    Their backup is 1 month old? I just read that. Are they insane. I back up my database daily and do an entire site back up weekly.

  6. #6
    ABW Veteran Mr. Sal's Avatar
    Join Date
    January 18th, 2005
    Posts
    6,795
    Quote Originally Posted by FairFieldGetaway-EricEwe
    Got this in my email.
    FYI. I am not working with Andrew but for those who are, just a heads up.
    OK, I never posted anything about the DFF program because I am not a member there, but I always read all the posts about the program on the DFF forum, so now I would like to say something.

    Why we always have to find out what is going on with DFF from some ABW member first?, why the people from DFF take so long to reply to posts made about their program here?, why this and why that?

    Our office was burglarized, some server stolen and some data lost...
    At approximately 4:30am 1/22/07 Monday, I received several text messages of multiple server down. I also received a phone call 10 minutes later from the alarm company.
    WTF is that?

    What kind of alarm company they have?

    I would believe that any reliable alarm company would be making that call the instant the alarm is triggered!

    The fact that the servers were stolen, it is a security concern, but I doubt anyone could figure out the password for the server to do anything with it. Most likely whoever have those server will sell if for parts on ebay. So please do not panic, our password was 12 characters long with letters and numbers.
    I thought that the DFF would be able to say something better than that!

    Unless some opportunistic crooks just stole those servers to get some quick cash money to buy some crack, I doubt that if someone else did indeed stole those servers would have any problem reading the entire hard drive.

    But.........


    What was lost?
    1. Template styles are lost.
    2. All affiliate IDs settings / changes after 11/25/06.
    3. All support tickets.
    4. Merchant relationship after 11/25/06 are lost.
    5. URL schema settings are lost
    Other than for #1 and #2, I would not worry too much if indeed that shit happen and I was just a DFF member, or if it was my company.

    Andrew, the best way to gain some trust around here, is to be on top of things, it's your company, and so far you're not doing any goog job in public relations, so shape up or............

    EricEwe,

    Thanks for the heads up but, unless you're working with Andrew, or have some interest on the DFF company, I don't think you're doing Andrew, or yourself, any favor by making that post before he does.

    And EricEwe, don't get me wrong, but I will called the way I see it.

    Got this in my email.
    FYI. I am not working with Andrew but for those who are, just a heads up.
    If you're not working with Andrew and he send you that email, you're wrong by posting that email before he post that info here first.

    Even sometimes when I don't agree on something, I still think about the benefit of the doubt just in case.






    Anyway Andrew, good luck with the DFF company!

  7. #7
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    "Thanks for the heads up but, unless you're working with Andrew, or have some interest on the DFF company, I don't think you're doing Andrew, or yourself, any favor by making that post before he does."

    Andrew should have a post over here but he didn't so I think it's good someone did to let people who use DDF know what's going on. Doesn't look like they even sent out an email about the problem from reading the thread over there:

    http://forum.datafeedfile.com/showthread.php?t=562

    Some say they didn't, simcat said they did:

    "I received an email mentioning a burglary. Visit their forum for more info...."

    People who are using DFF would have to let you know.

  8. #8
    ABW Veteran Mr. Sal's Avatar
    Join Date
    January 18th, 2005
    Posts
    6,795
    Quote Originally Posted by TrustNo1
    "Thanks for the heads up but, unless you're working with Andrew, or have some interest on the DFF company, I don't think you're doing Andrew, or yourself, any favor by making that post before he does."

    Andrew should have a post over here but he didn't so I think it's good someone did to let people who use DDF know what's going on. Doesn't look like they even sent out an email about the problem from reading the thread over there:

    http://forum.datafeedfile.com/showthread.php?t=562

    Some say they didn't, simcat said they did:

    "I received an email mentioning a burglary. Visit their forum for more info...."

    People who are using DFF would have to let you know.
    Thanks for nothing Trust, I just cliked on that link, and no body was home!

    I find it amusing now, I always thought that they don't reply here because they were busy fixing something, but now that I just visited the datafeedfile forum for the first time because you posted that link, all I can say now is that:

    Now I am convinced: DFF Sucks Big time

    They not even answer on their own forum!

  9. #9
    MasterMike HardwareGeek's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,810
    Quote Originally Posted by Mr. Sal
    What kind of alarm company they have?

    I would believe that any reliable alarm company would be making that call the instant the alarm is triggered!

    Maybe they are fibbing and it was really the bank doing a repo.

  10. #10
    ABW Ambassador flamingoworld's Avatar
    Join Date
    January 18th, 2005
    Posts
    5,208
    I don't use them, but have seen lots of the posts here about DFF and their responses.
    This all sounds fishy to me.

    Surely if this is true, it is reported in some newspaper or something somewhere.

  11. #11
    ABW Veteran Mr. Sal's Avatar
    Join Date
    January 18th, 2005
    Posts
    6,795
    I received several text messages of multiple server down. I also received a phone call 10 minutes later from the alarm company
    Originally Posted by Mr. Sal @ Today, 12:27 AM
    What kind of alarm company they have?

    I would believe that any reliable alarm company would be making that call the instant the alarm is triggered!
    I'm not a cop, but I waited in good faith for 1 and ½ hour here for someone from DFF to show up so I can go home, and so far nobody from that company have come here to secure whatever was leftover from that (burglary).

    I have to go now, but I hope someone else call that 281-808-3698 number and tell Andrew that it looks like the already.

  12. #12
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Quote Originally Posted by flamingoworld
    I don't use them, but have seen lots of the posts here about DFF and their responses.
    This all sounds fishy to me.

    Surely if this is true, it is reported in some newspaper or something somewhere.

    Good point, I was thinking about that last night as well. I'm willing to bet a whole dollar that if someone did some digging, there would be some interesting facts regarding this issue.

    I wonder what the police report says (if one exists)..

  13. #13
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    West Coast USA
    Posts
    3,043

  14. #14
    Outsourced Program Manager Jorge - SHOPiMAR's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    3,550
    A location inquiry for one (1) address may also be ordered in person at the Records Division counters on the 23rd floor of the Police Headquarters Building at 1200 Travis.

    Time:
    At approximately 4:30am 1/22/07 Monday

    Public Information Requests
    http://www.houstontx.gov/police/public_information.htm

    News Releases
    http://www.houstontx.gov/police/news.htm


  15. #15
    ABW Founder Haiko de Poel, Jr.'s Avatar
    Join Date
    January 18th, 2005
    Location
    New York
    Posts
    21,609
    Datafeedfile has got to be affiliate marketing's General Hospital!

    Quote Originally Posted by Jorge - JRami
    That's it ... it's official!
    FUBAR!
    Continued Success,

    Haiko
    The secret of success is constancy of purpose ~ Disraeli

  16. #16
    ABW Ambassador MoneyBusiness's Avatar
    Join Date
    March 14th, 2006
    Posts
    2,051
    Nice. If their forum gets wind of this, the fan is gonna be covered...
    Last edited by MoneyBusiness; January 27th, 2007 at 10:29 AM. Reason: Don't want to "instigate" anything.. ;)

  17. #17
    Merchant & ABW Ambassador
    Join Date
    May 31st, 2006
    Location
    Houston TX
    Posts
    4,731
    Quote Originally Posted by Mr. Sal
    Thanks for the heads up but, unless you're working with Andrew, or have some interest on the DFF company, I don't think you're doing Andrew, or yourself, any favor by making that post before he does.

    ...don't get me wrong, but I will called the way I see it.
    Not working with DFF in any way, shape or form. And I have no stake in his company.

    I thought this might just bring some awareness to what is going on with the data feed realm and this is news to many ABWers. I check DFF-ABW forum and did not find a thread about it 4 days after the event happened.

    Sal, call it how you want (and i respect that) but this is news to many people. I think 4 days is a bit over due to announce it.
    My LStrans failed, I announced it and kept people informed.

    Jrami, you brought up a very good point. Andrew, care to adress that?
    http://www.houstontx.gov/police/news.htm

    All the best Andrew. I hope that you recover most of your data.
    Last edited by FairFieldGetaway-EricEwe; January 27th, 2007 at 11:17 AM.

  18. #18
    Lite On The Do, Heavy On The Nuts Donuts's Avatar
    Join Date
    January 18th, 2005
    Location
    Winter Park, FL
    Posts
    6,930
    darn thieving elves.

  19. #19
    Internet Cowboy
    Join Date
    January 18th, 2005
    Posts
    4,662
    I'm just glad I never signed on with them. Thanks Andrew for doing things the way you did and convincing me to stay clear of you.

    I'm now waiting for a thread blaming Asif and GC for this

  20. #20
    Affiliate Manager adambha's Avatar
    Join Date
    October 20th, 2006
    Posts
    301
    I received several text messages of multiple server down. I also received a phone call 10 minutes later from the alarm company.
    Now, if the alarm company is calling him directly, then it sounds more like he had a rack of hardware sitting next to his desk in an office in a presumably unsecured building. If it was in a datacenter, the alarm company would not call him directly.

    I worked at an ISP for awhile and they had multiple entry point biometric (hand print) security, video, alarms, and the whole nine yards. That's a datacenter.

  21. #21
    Comfortably Numb John Powell's Avatar
    Join Date
    October 17th, 2005
    Location
    Bayou Country, LA
    Posts
    3,432
    That's not a lot of crime for a city of that size. I wonder if that's all.

  22. #22
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    Quote Originally Posted by bumpaw
    That's not a lot of crime for a city of that size. I wonder if that's all.
    It's not. That page just has the items the PD decided to issue news releases about. That's why the extremely high level of fatalities among those reports, and the lack of more minor incidents.

    To really know if an incident was recorded, you'd have to inquire with the Houston PD about the specific occurance. But according to Jorge - Jrami's post, to check on a particular address's PD activity, you'd have to actually show up in person to file an inquiry~!

    But there are affs in TX, so maybe someone is close enough to do that...

  23. #23
    ABW Ambassador Snib's Avatar
    Join Date
    January 18th, 2005
    Location
    Virginia
    Posts
    5,303
    Quote Originally Posted by adambha
    Now, if the alarm company is calling him directly, then it sounds more like he had a rack of hardware sitting next to his desk in an office in a presumably unsecured building. If it was in a datacenter, the alarm company would not call him directly.

    I worked at an ISP for awhile and they had multiple entry point biometric (hand print) security, video, alarms, and the whole nine yards. That's a datacenter.
    That's what I was thinking. I'd never host my sites locally in an unsecured office. Definitely need to have them locked up in a secure datacenter.

    - Scott
    Hatred stirs up strife, But love covers all transgressions.

  24. #24
    MasterMike HardwareGeek's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,810
    Quote Originally Posted by bumpaw
    That's not a lot of crime for a city of that size. I wonder if that's all.
    I think they just put a press releae for crime that makes the news.

  25. #25
    Outsourced Program Manager John Jupp's Avatar
    Join Date
    January 23rd, 2005
    Location
    England
    Posts
    1,502
    I trust that DFF will be making a similar announcement on UK forums as many UK affiliates are signed with DFF either throught the .com or the .co.uk and if you have their details they WILL want to know about it.

    As for passwords, all it takes is for one person in your employ to have SAVED the password on the server or for one employee to have KEPT a copy of the password in the office and those details will be available now.

    If you were storing financial information of non US nationals,; particularly EU nationals, you are required by law to notify Interpol. In the UK you must also notify the National High Tech Crime Unit....and again every affiliate affected.

    Bank accounts may need changing, stops on transactions making etc. If you have any details financially of any affiliate, their details and their money is at risk.

    If you have any ftp details from any affliate, their websites are at risk. I could go on but you know the score.

    Keep people informed and not just your side of the pond.

+ Reply to Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. DFF update anybody?
    By Eric Ewe in forum Virtual Family and Off-Topic
    Replies: 4
    Last Post: March 1st, 2009, 10:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •