Jump to content

TrueFire hacked, credit cards and personal info may have been compromised


Recommended Posts


  • Member ID:  6
  • Group:  Members
  • Followers:  6
  • Topic Count:  30
  • Topics Per Day:  0.01
  • Content Count:  1,053
  • Content Per Day:  0.46
  • Reputation:   777
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  144
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Birthday:  12/14/1960
  • Device:  iPhone

TrueFire hacked, credit cards and personal info may have been compromised

Tuition website TrueFire has informed users that an “unauthorised person” had access to the company’s computer system, and specifically to unencrypted information that was entered into its website, for a period of over five months.

Guitar.com was today contacted by one of the affected users, who shared with us the full text of the letter they had been sent from TrueFire LLC, titled  ‘Notice Of Data Breach’, explaining and apologising for what had occurred.

The user told us that TrueFire, which boasts over 1 million users worldwide, explained that even though it does not store personal information itself, the ‘unauthorised user’ had potentially been able to harvest sensitive customer information as it was being entered into the site.

 

In the letter, TrueFire wrote: “On January 10, 2020, TrueFire discovered that an unauthorised person gained access to our computer system and, more specifically, to information that consumers had entered through the website. While we do not store credit card information on our website, it appears that the unauthorized person gained access to the website and could have accessed the data of consumers who made payment card purchases while that data was being entered, between August 3, 2019 and January 14, 2020.”

It continued: “We cannot state with certainty that your data was specifically accessed, however you should know that the information that was potentially subject to unauthorised access includes your name, address, payment card account number, card expiration date and security code.”

TrueFire went on to recommend that affected users review payment card statements for suspicious activity, as well as following standard preventative measures against identity theft. It also provided assurance that it was monitoring for any more unauthorised activity on the site, and was working with “computer forensic specialists to determine the full nature and scope of the intrusion”, as well as reporting the breach to law enforcement authorities.

Guitar.com reached out to TrueFire for a comment on this story, and the company released the following statement to us:

“The confidentiality, privacy, and security of information in TrueFire’s possession is one of its highest priorities. TrueFire has stringent security measures in place to protect this information, and we are providing notice to the segment of customers who were potentially affected by this incident.

  • Like 1
  • Thanks 1
Link to comment
Share on other sites


  • Member ID:  5
  • Group:  Members
  • Followers:  6
  • Topic Count:  65
  • Topics Per Day:  0.03
  • Content Count:  1,076
  • Content Per Day:  0.47
  • Reputation:   962
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  166
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

Terrific... 😐  Thanks for the info @Eracer_Team-DougH

Better check your credit card statements on line now...

Link to comment
Share on other sites


  • Member ID:  5
  • Group:  Members
  • Followers:  6
  • Topic Count:  65
  • Topics Per Day:  0.03
  • Content Count:  1,076
  • Content Per Day:  0.47
  • Reputation:   962
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  166
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

On 3/17/2020 at 6:29 AM, Eracer_Team-DougH said:

TrueFire hacked, credit cards and personal info may have been compromised

 

Tuition website TrueFire has informed users that an “unauthorised person” had access to the company’s computer system, and specifically to unencrypted information that was entered into its website, for a period of over five months.

 

Guitar.com was today contacted by one of the affected users, who shared with us the full text of the letter they had been sent from TrueFire LLC, titled  ‘Notice Of Data Breach’, explaining and apologising for what had occurred.

 

The user told us that TrueFire, which boasts over 1 million users worldwide, explained that even though it does not store personal information itself, the ‘unauthorised user’ had potentially been able to harvest sensitive customer information as it was being entered into the site.

 

 

 

In the letter, TrueFire wrote: “On January 10, 2020, TrueFire discovered that an unauthorised person gained access to our computer system and, more specifically, to information that consumers had entered through the website. While we do not store credit card information on our website, it appears that the unauthorized person gained access to the website and could have accessed the data of consumers who made payment card purchases while that data was being entered, between August 3, 2019 and January 14, 2020.”

 

It continued: “We cannot state with certainty that your data was specifically accessed, however you should know that the information that was potentially subject to unauthorised access includes your name, address, payment card account number, card expiration date and security code.”

 

TrueFire went on to recommend that affected users review payment card statements for suspicious activity, as well as following standard preventative measures against identity theft. It also provided assurance that it was monitoring for any more unauthorised activity on the site, and was working with “computer forensic specialists to determine the full nature and scope of the intrusion”, as well as reporting the breach to law enforcement authorities.

 

Guitar.com reached out to TrueFire for a comment on this story, and the company released the following statement to us:

 

“The confidentiality, privacy, and security of information in TrueFire’s possession is one of its highest priorities. TrueFire has stringent security measures in place to protect this information, and we are providing notice to the segment of customers who were potentially affected by this incident.

 

There is some chat on Truefire that this may be "fake news".

Link to comment
Share on other sites


  • Member ID:  6
  • Group:  Members
  • Followers:  6
  • Topic Count:  30
  • Topics Per Day:  0.01
  • Content Count:  1,053
  • Content Per Day:  0.46
  • Reputation:   777
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  144
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Birthday:  12/14/1960
  • Device:  iPhone

Interesting 

Maybe delete the thread till confirmation 

Link to comment
Share on other sites


  • Member ID:  12
  • Group:  Members
  • Followers:  8
  • Topic Count:  184
  • Topics Per Day:  0.08
  • Content Count:  1,235
  • Content Per Day:  0.54
  • Reputation:   1,089
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  177
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Birthday:  07/19/1948
  • Device:  Windows

I'm not going to delete the thread but I am going to shut it down for now.  We will find out the facts on this.  Hopefully.

I have a call into Zach Wendkos of TrueFire.  I was told I would hear back within an hour.

  • Like 1
Link to comment
Share on other sites


  • Member ID:  5
  • Group:  Members
  • Followers:  6
  • Topic Count:  65
  • Topics Per Day:  0.03
  • Content Count:  1,076
  • Content Per Day:  0.47
  • Reputation:   962
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  166
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

@matonanjin @Eracer_Team-DougH  et al

Ron; Please leave this post available for any concerned members to see.

See the attached response below (an excerpt from a Truefire discussion board) 

 from Truefire regarding their possible Data breach.

In brief TF says those who MAY have been affected have been notified an measures taken to insure it does not happen again.

Annotation 2020-03-19 215044.jpg

Annotation 2020-03-19 215146.jpg

Link to comment
Share on other sites


  • Member ID:  5
  • Group:  Members
  • Followers:  6
  • Topic Count:  65
  • Topics Per Day:  0.03
  • Content Count:  1,076
  • Content Per Day:  0.47
  • Reputation:   962
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  166
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

Thank you to @Popeye Mike for this pm to @Eracer_Team-DougH

Doug- The information is accurate, I was one of the members who received a letter from True Fire stating that my account information may have been compromised due to unwanted tampering with members account data. 

I had also sent an email to True Fire in December stating that my credit card had been compromised and it was a new card and I only had 4 transactions on the new card with True Fire being one of those transactions.

I just saw the post last night and noted that it was locked, so I could not respond to your post.

Mike

 

 

Link to comment
Share on other sites


  • Member ID:  5
  • Group:  Members
  • Followers:  6
  • Topic Count:  65
  • Topics Per Day:  0.03
  • Content Count:  1,076
  • Content Per Day:  0.47
  • Reputation:   962
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  166
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

Note; This information had been verified and the topic is now unlocked for comment if desired. 

Neil

Link to comment
Share on other sites


  • Member ID:  12
  • Group:  Members
  • Followers:  8
  • Topic Count:  184
  • Topics Per Day:  0.08
  • Content Count:  1,235
  • Content Per Day:  0.54
  • Reputation:   1,089
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  177
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Birthday:  07/19/1948
  • Device:  Windows

Thanks, @NeilES335.  Disappointingly I never did get the promised phone call.

Link to comment
Share on other sites


  • Member ID:  14
  • Group:  Members
  • Followers:  5
  • Topic Count:  20
  • Topics Per Day:  0.01
  • Content Count:  528
  • Content Per Day:  0.23
  • Reputation:   548
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  54
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Birthday:  09/26/1951
  • Device:  iPhone

Thx for the info guys

Greg

  • Like 1
Link to comment
Share on other sites


  • Member ID:  5
  • Group:  Members
  • Followers:  6
  • Topic Count:  65
  • Topics Per Day:  0.03
  • Content Count:  1,076
  • Content Per Day:  0.47
  • Reputation:   962
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  166
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

4 hours ago, matonanjin said:

Thanks, @NeilES335.  Disappointingly I never did get the promised phone call.

I've sent some suggestions, comments and dare it say it, complaints, to their tech support about their website over a week ago and had no response.... The content is great there, but the site structure, function, layout etc. imho isnt' nearly as good as this one!  They are overdue for an overhaul.

Link to comment
Share on other sites


  • Member ID:  12
  • Group:  Members
  • Followers:  8
  • Topic Count:  184
  • Topics Per Day:  0.08
  • Content Count:  1,235
  • Content Per Day:  0.54
  • Reputation:   1,089
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  177
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Birthday:  07/19/1948
  • Device:  Windows

@NeilES335, I have had, until now!, much better response from their tech support.  I have spoken with a guy name Ren and a lady, whose name I can't remember, and received remarkable resolution every time. 

And they did overhaul their site and to me it is worse than before!  They use to have a fun, active forum and now it is a ghost town.  Certainly not as good as here.

Link to comment
Share on other sites


  • Member ID:  12
  • Group:  Members
  • Followers:  8
  • Topic Count:  184
  • Topics Per Day:  0.08
  • Content Count:  1,235
  • Content Per Day:  0.54
  • Reputation:   1,089
  • Achievement Points:  0
  • Solved Content:  0
  • Days Won:  177
  • Joined:  01/04/2018
  • Status:  Offline
  • Last Seen:  
  • Birthday:  07/19/1948
  • Device:  Windows

It's an indication of something.  Although, I'm not sure of what.  but every time I go to the TrueFire forum now, or try, I get a page that states "The Forum is Down for Maintenance".  It's been down for maintenance ever since this discussion started.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Chatbox

    You don't have permission to chat.
    Load More

About us

Guitar Gathering is a community of guitar lovers of all types and skill levels.  This is a place of learning, support and encouragement.  We are unapologetically positive.

If you've come here to gripe, demean others or talk politics then this isn't the place for you.

But if you've come to talk guitars, ask questions and learn from professionals and guitar learners from all over the world then come on in!

Get in touch

Follow us

facebook feed

Recent tweets

×
×
  • Create New...