Racing Post

[BigAdz]

Anyone get an email stating that they have been hacked and you should change all your related passwords?

[tikay]

Not me, Adz. Hope it is not a big prob.

[AndrewT]

Yeah, I did

Dear Andrew,

Despite our best efforts, the security on racingpost.com has been breached over the last 36 hours, in a sophisticated, sustained and aggressive attack. One of our databases was accessed and customer details were stolen.

Security is an area we take extremely seriously and our website has not been compromised previously. As soon as we were aware of the situation we did everything in our power to halt the breach. We have now established that a number of customer accounts were accessed. Although all the passwords are encrypted, we believe that there is still a chance that some passwords can be deciphered. As yours is one of the accounts involved, there is a risk of identity theft. Please be aware that we do not store your credit card details on our website and these have not been the subject of any theft.

As part of our efforts to resolve the issue, we have turned off the ability to register / log-on to racingpost.com. You will still be able to access the site safely. Members' club content will also be available.

However, we are contacting you now to request that you take all precautions and reset your passwords on any other site which uses the same password as the one you use on racingpost.com as soon as you can. If, for example, you use the same password for your bookmaker accounts, email accounts or for social media we advise you to reset them. Mine is one of the accounts involved and I will be changing my passwords. We understand how inconvenient this is - and can only apologise for any difficulty this causes - but feel it is necessary under the circumstances.

Once we are totally satisfied that using your account details on racingpost.com is completely secure, you will need to reset your password on our site. We will send you an email with instructions on how to do this. For security reasons, there will be no links on the email. You will need to visit the racingpost.com website to make the changes. For now, please proceed with changing your passwords (if the same as your racingpost.com password) on any other site.

If you have any questions, please contact Racing Post customer services on 01635 246505.

Please be assured that we are currently reviewing all of our security measures and will put in place even stronger protection to stop this happening again. Extensive changes have already been made overnight with the assistance of industry-leading cyber-security experts.

We are extremely sorry that this unfortunate incident has occurred and thank you for your patience and understanding.

We will be in touch in due course once we have re-established the registration / log-in part of the site.

Yours faithfully


Bruce Milllington
Editor

[BigAdz]

Been so long since I logged on, I cant remember which password I used. A right pain in the ass!

[Marky147]

Yeah, had the same from Winamax on Friday as well.

[redsimon]

Anyone get an email stating that they have been hacked and you should change all your related passwords?

Yeah, didn't realise I had one tbh. Never given them any c/c details or suchlike and only view it without logging in.

[Doobs]

Yeah, had the same from Winamax on Friday as well.

I haven't got anything from Winamax, could you paste it up, cheers.

[Marky147]

Yeah, had the same from Winamax on Friday as well.

I haven't got anything from Winamax, could you paste it up, cheers.

Original

Bonjour,

Notre cellule de veille a trouvé récemment sur Internet une liste de
comptes utilisateurs provenant d'une récente intrusion dans les serveurs
Adobe, éditeur de logiciels tels que Flash Player, Acrobat PDF Reader...
Cette liste contient les emails et les mots de passe des clients Adobe sous
forme hashée. Adobe a déjà émis un bulletin d'alerte :

http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html

Vous recevez cet email car votre adresse était dans cette base de données.

Bien que cet incident ne concerne pas Winamax, nous savons que de nombreux
clients réutilisent le même mot de passe sur plusieurs sites web.
Si tel est votre cas sur Winamax, nous vous conseillons de le changer
par mesure de sécurité (ce conseil est aussi valable pour votre compte
de messagerie).

Dans tous les cas, sachez que Winamax ne vous demandera jamais votre mot
de passe et nous vous suggérons d'avoir un mot de passe pour Winamax qui
n'est pas le même que ceux utilisés sur d'autres services (messagerie,
comptes en ligne, enregistrement de logiciels ...)

En vous remerciant,

Cordialement.

--
Cellule de Veille Winamax


Translation

Hello,

Our intelligence unit recently found on the Internet a list of
user accounts from a recent intrusion into the servers
Adobe , a software such as Flash Player , Acrobat PDF Reader ...
This list contains the emails and passwords of Adobe customers in
hashed form . Adobe has issued a warning bulletin:

http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html

You are receiving this email because your email address was in this database.

Although this incident is not about Winamax , we know that many
customers reuse the same password on multiple websites .
If this is your case Winamax , we recommend that you change
for safety ( this advice also applies to your account
messaging ) .

In any case , know that Winamax never ask you for your password
Password and we suggest you have a password for that Winamax
is not the same as those used on other services (email,
online accounts, software registration ... )

Thanking you,

Cordially.

-
Watch cell Winamax

[AndrewT]

That's actually pretty sharp from Winamax - running a query matching their database against the hacked Adobe ones and letting the affected players know.

[Doobs]

Cheers Mark.

I am not sure I am affected by the Adobe thing.  I think I registered there sometime last year, but not entirely sure.  I was trying to put something in PDF or similar and gave up in the end.

I certainly don't remember which password I used. 

[Marky147]

No worries.

 I've not received anything from Adobe, and didn't even know I was registered for anything with them.

I just update my flashplayer when it tells me, and the same whenever winamax upgrades

[doubleup]

yes got the RP email as well

The silver lining to this cloud is that you can get all the members club stuff free till they fix it!

just found my rofl password for the site - its my initials and some numbers.  Think the the RP was the first site I joined - downloading form files by dial-up modem....

[doubleup]

The tossers have now said DOB is among the info stolen - that's pretty bad as with the full name address and DOB it would be quite easy to get access to some email accounts thru social engineering.  So prob best to stop using the linked email address.

[BigAdz]

This is pretty scary stuff.

You are now very reliant on other organisations being on their game to ensure scammers dont fudge their way round other security questions to gain access to accounts.

And all with no form of recourse no doubt.....