blonde poker forum

As above - email username and passwords taken (think they also asked a "secret question" on sign up, so don't know about that). They say credit card info not compromised.  So if you used the same password/name for anywhere else best to change asap.

http://forumserver.twoplustwo.com/29/news-views-gossip/cardrunners-hacked-1035717/ - They claim that the passwords were encrypted, but they will have sent you a plain text email with a new password, so its certainly not encrypted now  ;)

btw my email about this went into my junk folder.

Got the email too.  Seems a lot of these sites/companies don't really take users' security too seriously.  As mentioned, sending out an email in plain text is hardly the most secure mechanism!

I got it too, even though I've never used the account.

How many of you use a different password for every single account you have no matter what it is because I don't?

It's tempting to use the same password for different sites/accounts - but things like this show how dangerous that can be.  Someone gets access to one of your passwords, and then they have access to other sites/accounts as well potentially.

Keeping track of dozens of passwords is difficult as well, so what options are there?  I get firefox to remember most of my username:password combinations automatically - but if you're doing this you HAVE to set up a master password that encrypts this information so that if anyone gets access to your computer (either remotely through hacking or a trojan, or physically accesses it) they can't get to your passwords without knowing your master password in firefox.  Don't lose or forget that passoword though!

My gmail recently got hacked (for about 10 minutes, but in that time they managed to send a spammy link to everyone in my contact list), and now I use the two-step verification that should offer a bit more protection in the future.  With anything that's important to you (where money is involved, or where there is important or sensitive information), it's definitely best to use a unique password, and to change it from time to time.

I never used to until my main poker account got hacked recently and cleaned out. Always thought i took fairly decent care of what was on my system but my password variation was lacking. If a hacker compromises your email then its fairly easy for them to have a new password sent out from most poker sites as secuirty questions/answers are usually fairly guessable or easy to find (FB etc).

Id advise any poker player to get a gmail account or similar with extra verification and also use a password storage similar to whats already been mentioned (there are tighter ones available to purchase).

Also make sure to take advantage of security tokens offered by stars and FT.  If you aren't the required vip level on moneybookers for them to offer you rsa tokens then hassling support seems to work.

I wonder how many of these go on that we don't hear about?

I know for a fact that several poker sites have compromised at least some of my details.

Yes, I've seen that too (not from poker accounts, but elsewhere).  Like you I'll use a thispokersite@... or thatpokersite@... and then you'll get spam or emails from third-parties to that address. Naughty people (or just crap with their security of your private details, which amounts to the same thing).

Not just spam to that address, but my name too (which as it isn't in the email addy can't be taken from that).

I get a lot of casino spam to the address I used to sign up to DTD that uses my name.

Did you only sign up to DTD using that address?

I get loads of casino spam to addresses that have been used for non gambling sites.

I don't think I've had any (non DTD) spam to my DTD address.

Anything I sign up to is "the site name"@,so DTD could easily be random but they address me by name as well.

PTR now admit to being hacked as well........

Yup, got that email this morning too.  Worrying times.

i just deleted these as fishing scams, assume they actually serious?

the CR one quoted your username, so unlikely to be phishing - the PTR one could be I suppose and def does have a dodgy link.